All the latest blog posts from the most relevant cyber security companies in the business.

ThemeGrill Demo Importer is a popular plugin that allows WordPress website administrators to import demo content, widgets and settings for ThemeGrill themes. Researchers at web security company WebARX discovered recently that versions 1.3.4 through 1.6.1 of the plugin are affected by a critical vulnerability that allows an unauthenticated attacker to wipe the entire database of…

The finance director of the island’s Industrial Development Company, Rubén Rivera, said in a complaint filed to police Wednesday that the agency sent the money to a fraudulent account. Rivera said the government agency transferred the money on Jan. 17 after receiving an email that alleged a change to a banking account tied to remittance…

The new coronavirus outbreak, which started in China, has made a lot of headlines recently and has caused global panic. Over 40,000 infections have been confirmed and the death toll has exceeded 1,000. The virus has been named 2019-nCoV and Covid-19. Given the virus’s impact, it’s not surprising that cybercriminals and fraudsters have been leveraging…

It’s been more than three years since Russia’s sweeping and systematic effort to interfere in U.S. elections through disinformation on social media, stolen campaign emails and attacks on voting systems. U.S. officials have made advances in trying to prevent similar attacks from undermining the 2020 vote, but the potential threats have increased and some old…

An analysis of industrial control systems (ICS) has shown that many products contain features and functions that have been designed with no security in mind, allowing malicious hackers to abuse them and potentially cause serious damage. PAS, which provides industrial cybersecurity and operations management solutions, has analyzed data collected over the past year from over…

The flaw, tracked as CVE-2020-0674 and described as a memory corruption issue, affects the scripting engine in Internet Explorer, specifically a JScript component. The problematic component is a library named jscript.dll, which provides compatibility with a deprecated version of the JScript scripting language. According to Microsoft, the vulnerability can be exploited for remote code execution…

Israeli cybersecurity firm GuardKnox demonstrated the threat in a Formula 1 driving simulation at the Consumer Electronics show this week in Las Vegas. Moments into the virtual drive, a GuardKnox engineer playing the role of hacker struck and the steering wheel no longer controlled the speeding car. The faux race was over for the driver,…

The Republican governor addressed the third annual Massachusetts Cybersecurity Forum Thursday at the Statehouse. Baker and the Massachusetts Technology Collaborative convened the event to bring about 200 cybersecurity experts together. The new program is backed by $300,000 managed by the collaborative’s MassCyberCenter. It will pay for statewide workshops to provide municipalities tools to develop or…

The request was made in a letter signed by US Attorney General William Barr, British home secretary Priti Patel and Australian minister for home affairs Peter Dutton. “We are writing to request that Facebook does not proceed with its plan to implement end-to-end encryption across its messaging services… without including a means for lawful access…