[ThreatPost] WordPress Plugin Bug Lets Subscribers Wipe Sites

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.

Source: Read More (Threatpost)

You might be interested in …

[ZDNet] Australia’s cops need reminding that chasing criminals isn’t society’s only need

All posts, ZDNet

‘It’s not illegal so I’ll keep doing it’ isn’t good enough. During a pandemic, law enforcement agencies need to kick their data addiction and politicians need the spine to intervene. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] Vulnerabilities Allow Hacking of Zimbra Webmail Servers With Single Email

All posts, Security Week

Vulnerabilities in the Zimbra enterprise webmail solution could allow an attacker to gain unrestricted access to an organization’s sent and received email messages, software security firm SonarSource reveals. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] How Does MTA-STS Improve Your Email Security?

All posts, HackerNews

Simple Mail Transfer Protocol or SMTP has easily exploitable security loopholes. Email routing protocols were designed in a time when cryptographic technology was at a nascent stage (e.g., the de-facto protocol for email transfer, SMTP, is nearly 40 years old now), and therefore security was not an important consideration.  As a result, in most email […]

Read More