As many as 1.6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four plugins and 15 Epsilon Framework themes. WordPress security company Wordfence, which disclosed details of the attacks, said Thursday it had detected and blocked more than 13.7 million attacks aimed at the … [Read more...] about 1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses
hacking news
A New Rust-based Ransomware Malware Spotted in the Wild
Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. "Victims can pay with Bitcoin or Monero," the researchers said in a series of tweets detailing the file-encrypting … [Read more...] about A New Rust-based Ransomware Malware Spotted in the Wild
Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions)
It is a time when many are thinking of their families and loved ones, time off work, and gift-giving – the holidays. However, while many have their minds outside the realm of work during the holiday season, often, this is when attackers plan their most sinister attacks. So how can you take precautions to protect your organization during these times? Why holidays put your … [Read more...] about Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions)
Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers
Google on Tuesday said it took steps to disrupt the operations of a sophisticated "multi-component" botnet called Glupteba that approximately infected more than one million Windows computers across the globe and stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism. As part of the efforts, Google's Threat Analysis Group (TAG) said it … [Read more...] about Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers
Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides
Cybersecurity researchers have disclosed multiple vulnerabilities in a third-party driver software developed by Eltima that have been "unwittingly inherited" by cloud desktop solutions like Amazon Workspaces, Accops, and NoMachine and could provide attackers a path to perform an array of malicious activities. "These vulnerabilities allow attackers to escalate privileges … [Read more...] about Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides
Malicious KMSPico Windows Activator Stealing Users’ Cryptocurrency Wallets
Users looking to activate Windows without using a digital license or a product key are being targeted by tainted installers to deploy malware designed to plunder credentials and other information in cryptocurrency wallets. The malware, dubbed "CryptBot," is an information stealer capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, credit … [Read more...] about Malicious KMSPico Windows Activator Stealing Users’ Cryptocurrency Wallets
Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats
Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues … [Read more...] about Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats
Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks
Four different malicious frameworks designed to attack air-gapped networks were detected in the first half of 2020 alone, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and exfiltrate classified information. "All frameworks are designed to perform some form of espionage, [and] all the frameworks used USB drives as the … [Read more...] about Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks
Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments
A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings go into detail about the new tactics and tools adopted by the APT group known as … [Read more...] about Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments
Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials
Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel … [Read more...] about Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials