Security Boulevard

ACFW firewall test prologue – still failing at the basics

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...
Security Info Watch

Tenable Research Exposes “LookOut” Vulnerabilities in Google Looker, Raising Stakes for Self-Hosted Users

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...

More than 40,000 WordPress sites affected by new malware flaw - find out if you're affected

QSM lets users create quizzes, surveys, and forms without coding, with more than 40,000 websites actively using it - but ...

More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

Russian-state hackers exploit Office vulnerability to infect computers

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the ...
SecurityWeek

Vulnerabilities Allowed Full Compromise of Google Looker Instances

Two vulnerabilities can be exploited to fully compromise instances of the Google Looker business intelligence platform.
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.