Author Archives: Graham

WordPress Plugin Flaws Are Exploitable

Vulnerabilities in several WordPress plugins have been exposed. Updates are available to address flaws in the following plugins – Duplicator, Flexible Checkout Fields for WooCommerce, Profile Builder, ThemeGrill Demo Importer, Async JavaScript, 10Web Map Builder for Google Maps, and Modern Events Calendar Lite plugins. Attackers have also been exploiting a vulnerability in ThemeREX Addons; there […]

KnowBe4 Named a Leader in The Forrester Wave™ for Security Awareness and Training Solutions

We are excited to announce that Forrester Research has named KnowBe4 as a Leader in The Forrester Wave™: Security Awareness and Training Solutions, Q1 2020 based on our scores in the strategy, market presence, and current offering categories. We received the highest scores possible in 17 out of 23 evaluation criteria, including learner content and go-to-market approach. […]

Barbara Corcoran is missing nearly $400,000 Wednesday morning after her office was victimized by email scammers

“Shark Tank” star ( an American business reality television series ) Barbara Corcoran is missing nearly 400,000 Wednesday morning after her office was victimized by email scammers who used a tiny typo to gain the upper hand. The scam started last week when an email chain was forwarded to Barbara’s bookkeeper, a woman named Christine. […]

Attack Anatomy – Session Hijacking

In session hijacking, the phisher exploits the web session control mechanism to steal information from the user. In a simple session hacking procedure known as session sniffing, the phisher can use a sniffer to intercept relevant information so that he or she can access the Web server illegally. By scanning your website we can detect pages […]

View one of the Best Security Awareness Training and Phishing Progams

Phishing Statistics

Join us Wednesday, March 4 @ 19:00 (GMT), for a live demonstration of how Middlewave introduces a new-school approach to security awareness training and simulated phishing. See how easy it is to train and phish your users: Train your users with access to the world’s largest library of awareness training content and automated training campaigns with scheduled reminder emails. […]

A U.S. Natural Gas Operator Shuts Down for 2 Days After a Phishing Attack Infects it With Ransomware

A U.S. Natural Gas Operator Shuts Down for 2 Days After a Phishing Attack Infects it With Ransomware Dan Goodin at Ars Technica reported something worrisome: “A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented personnel from receiving crucial real-time operational data from control and communication […]