"LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks"

According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites. The issue, tracked as CVE-2024-44000, exists because the plugin may write the Set-Cookie HTTP response header to the debug log file after a login request. The researchers noted that because the debug log file is publicly accessible, an unauthenticated attacker could read the file and extract any user cookies stored in it.

Submitted by Adam Ekwall on

"Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers"

According to security researchers at LexisNexis Risk Solutions, as many as one in four password reset attempts from desktop browsers are fraudulent. The researchers found that there are 70,000 password reset attacks in the UK every week, with fraudsters aiming to take over individuals' online accounts. This includes changing users' passwords and phone numbers and locking them out of services. These "detail change" attacks rose by 232% in 2023. Criminal hackers then use the personal information from the accounts for further fraud.

Submitted by Adam Ekwall on

International Conference on Engineering Digital Twins (EDTconf)

"The International Conference on Engineering Digital Twins (EDTconf) aims to bring together researchers and practitioners on digital twins, from both academia and industry to shape the future of systematically designing, developing, evolving, maintaining, and validating digital twins."

Topics of interest include, but are not limited to, security.

ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)

"The ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) is the leading research symposium on software testing and analysis, bringing together academics, industrial researchers, and practitioners to exchange new ideas, problems, and experience on how to analyze and test software systems."

Topics of interest include, but are not limited to, security.

"Penpie DeFi Platform Files Reports With FBI, Singapore Police After $27 Million Crypto Theft"

Hackers have stolen over $27 million in cryptocurrency from the Penpie Decentralized Finance (DeFi) protocol. Due to the theft, Penpie has shut down withdrawals and deposits. Penpie filed a complaint with the Federal Bureau of Investigation's (FBI) Internet Crime Complaint Center (IC3) and messaged the hacker, promising a negotiated bounty payment for the safe return of funds. The attack happened the same day the FBI warned cryptocurrency companies of attacks launched by hackers in North Korea. This article continues to discuss the $27 million cryptocurrency theft.

Submitted by grigby1 CPVI on

Generative AI for Automotive USA 2024 Conference

"GenAI is reshaping the automotive landscape, offering unprecedented opportunities for innovation, and disrupting the way vehicles are designed, manufactured, and experienced. There are now several ongoing initiatives and talks to break into and develop GenAI, a lot of continuing bottom-up innovation - and investment in the space is rising as new automotive projects kick-off.

2024 IEEE 100th Vehicular Technology Conference (VTC2024-Fall)

"This semi-annual flagship conference of IEEE Vehicular Technology Society will bring together individuals from academia, government, and industry to discuss and exchange ideas in the fields of wireless, mobile, and vehicular technology."

Topics of interest include, but are not limited to, security for wireless networks.
