Protect against Log4J without patching
Learn More
 
Protect against Log4J without patching
Learn More

news-highlightsWooCommerce Bug Targeted on the Heels of Patch Rollout | K2 Cyber Security

Critical WooCommerce Vulnerability Targeted Hours After Patch

News Highlights

July 19, 2021

Critical WooCommerce Vulnerability Targeted Hours After Patch


CyberWire Pro covered the news of a critical vulnerability detected in WordPress eCommerce plug-in WooCommerce. The vulnerability has been targeted by threat actors just as a patch was released. ThreatPost explains that as soon as WooCommerce became aware of the SQL-injection bug, reported by researchers at Development Operations Security and HackerOne on July 13, it immediately created and released an emergency patch to users, and the attacks began on July 15.

K2’s CEO and Co-Founder, Pravin Madhani was tapped for commentary by CyberWire Pro on the WooCommerce story.

Click here to read more about the WooCommerce vulnerability and K2’s commentary.

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131