A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown. Go to Source

An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel. Go to Source

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. Go to Source

The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses. Go to Source

The importance of reading the network tealeaves of a company’s network traffic to head off an attack. Go to Source

From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week. Go to Source

The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world. Go to Source

The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others. Go to Source

The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices. Go to… Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution

Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses. Go to Source