Top 10 Stories

An extension of the WooCommerce WordPress plugin, used by 28 percent of all online stores, has been patched against a reflected cross-site scripting vulnerability. The vulnerability was found in the Product Vendors plugin, which allows an existing ecommerce site to support multiple vendors, products and payment options. Versions 2.0.35 and earlier are affected by this vulnerability, and site owners are urged to patch immediately. View Full Story ORIGINAL SOURCE: Threatpost

A team of hackers at the CIA, the Central Intelligence Agency, allegedly used a Windows hacking tool against its targets to gain persistent remote access. As part of its Vault 7 leaks, WikiLeaks today revealed details about a new implant developed by the CIA, dubbed AngelFire, to target computers running Windows operating system. View Full Story ORIGINAL SOURCE: The Hacker News

Cybercriminals on average charge $544 for ransom per device, signaling a new sweet spot for payouts. Ransomware is on track to surpass last year's wave of attacks, and businesses are getting hit with ransomware nearly as much as consumers, according to Symantec's Internet Security Threat Report released today. View Full Story ORIGINAL SOURCE: Dark Reading

Enterprises are complying with the Payment Card Industry Data Security Standard (PCI DSS) more, but the number of organizations in compliance is still low enough to leave the door open for cyberattacks, according to Verizon. View Full Story ORIGINAL SOURCE: ZDNet

A cyber-espionage group believed to be operating out of Russia for the past two decades has deployed a new backdoor trojan on computers at embassies in Southeast Europe, former Soviet states, and some South American countries. View Full Story ORIGINAL SOURCE: Bleeping Computer

Instagram has revealed a flaw in its systems revealed "a number of" stars' phone numbers and email addresses to cyber-attackers. The Facebook-owned social network has emailed verified members, usually prominent figures, to let them know. View Full Story ORIGINAL SOURCE: BBC

Office 365, Microsoft’s software-as-a-service productivity software suite popular with corporate users, is increasingly becoming attackers’ preferred way into business networks, Barracuda researchers warn. View Full Story ORIGINAL SOURCE: Help Net Security

While the emergence of new technologies such as machine learning, Artificial Intelligence and automation are helping propel businesses forward, they’re also opening up organisations to growing security risks. Huge advances are being made in genomics, and manufacturing technologies, with machines closing in on human abilities with astonishing speed. Yet, cybercrime represents the dark side of digitisation, and is the mastermind of increasingly sophisticated individuals. We’re now facing the most significant cybersecurity threat to date. This...

Theresa May has refused to rule out using cyber warfare or even taking part in military action against North Korea if it does not stop firing missiles in “illegal” acts of provocation. View Full Story ORIGINAL SOURCE: The Telegraph

Second-hand electronics retailer CeX said on Tuesday (29 August) it suffered a massive "online security breach" compromising the personal data and passwords of up to two million customers. The UK retailer said customers' names, physical addresses, email addresses and phone numbers were compromised in the attack that saw "an unauthorised third party" illegally access its computer systems. View Full Story ORIGINAL SOURCE: IB Times UK