cyberthreats

Orchestrating Network Security to Handle Cyberthreats

Unfortunately for companies, cybercriminals don’t need to invent the wheel when choosing a way to hack corporate networks. Black hat hackers have a choice of cyberthreats and attack methods on a silver ...
Security Boulevard
Dissecting the WordPress 5.2.3 Update

Last week, WordPress released version 5.2.3, which was a security and maintenance update and, as such, contained many security fixes. Part of our day-to-day work is to analyse these security ...
Goodbye XSS Auditor

XSS
Chrome's development team has decided to retire the XSS Auditor, its built-in Cross-Site Scripting (XSS) filter that aimed to prevent reflected Cross-Site Scripting vulnerabilities in the majority of cases. While this move ...
Icegram Persistent Cross-Site Scripting

Icegram is a plugin that helps you collect email addresses for your newsletter. Other features include light-box popup offers, header action bars, toast notifications, and slide-in messengers. Versions 1.10.28.2 and lower are ...
XSS Auditors – Abuses, Updates and Protection

Chrome, XSS
XSS Auditors are security mechanisms in browsers that operate as a preventative layer against Reflected Cross-site Scripting attacks. Each browser has a different way of implementing XSS Auditors. In this blog post, ...

Stored XSS in MyBB

The open source PHP forum software MyBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in the private messaging and post modules. What ...
Slimstat: Stored XSS from Visitors

The WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress website. It will track certain information such as the browser and operating ...
Persistent XSS via CSRF in WP Meta and Date Remover

During regular research audits for our Sucuri Firewall (WAF), we discovered a Cross Site Request Forgery (CSRF) leading to a persistent Cross Site Scripting vulnerability affecting 70,000+ users of the WP Meta ...
The Cross-site Scripting (XSS) Vulnerability: Definition and Prevention

The Cross-Site Scripting vulnerability is one of the few vulnerabilities that has made it into every OWASP Top 10 list of the most critical web application security risks released. To understand the Cross-site ...