Nov 132018
 

Keumars Afifi-Sabet reports: Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution. The flaw had been present in Wordfence’s GDPR Compliance plugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any […]

Nov 132018
 

Evan Sweeney reports: More people were impacted by last month’s Heatlhcare.gov data breach than previously thought, according to an update from the Centers for Medicare & Medicaid Services (CMS). The agency reported a final total of 93,689 people whose information was compromised during an Oct. 16 data breach that targeted the Direct Enrollment pathway used […]

Nov 132018
 

Dani Deahl reports: The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed […]

Nov 132018
 

Andrew Blake reports: Marcel Lehel Lazar, a prolific computer hacker known as “Guccifer,” has been extradited to the United States to finish serving a prison sentence related to a cybercrime spree credited with exposing Hillary Clinton’s use of a personal email account while secretary of state, outlets in his native Romania reported Monday. Romania’s Alba […]