Articles that are tagged
VULNERABILITIES
North Korean Hackers Use Windows Update Service to Infect PCs with Malware
14 weeks ago
TThe Lazarus Group, also known as APT38, Hidden Cobra, Whois Hacking Team, and Zinc, is a known cybercrime group with ties to the North Korean government that recently abused the Windows Update Client to distribute malware. The researchers said they were investigating a phishing campaign mimicking Lockheed Martin, American aerospace,... Read more
TThe Lazarus Group, also known as APT38, Hidden Cobra, Whois Hacking Team, and Zinc, is... Read more
VULNERABILITIES
Dark Web's Largest Marketplace for Stolen Credit Cards Shuts Down
17 weeks ago
UniCC is shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. It's the most prominent dark web marketplace for stolen credit and debit cards. The team gave its users ten days to spend their balances and warned them to... Read more
UniCC is shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies... Read more
VULNERABILITIES
High-Severity Vulnerability in 3 WordPress plug-ins affected 84,000 websites
17 weeks ago
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. Login/Signup Popup is installed on over 20,000 sites, while Side Cart Woocommerce and Waitlist Woocommerce have been installed on more than... Read more
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000... Read more
VULNERABILITIES
Microsoft fixes Y2K22 Exchange bug that disrupted email worldwide on New Years
17 weeks ago
The turn of the new year triggered errors in Microsoft Exchange mail servers, causing thousands of emails around the world not to get sent and staying stuck on email transport queues causing entire servers to crash. The server administration community dubbed this bug “Y2K22” due to its similarity to the... Read more
The turn of the new year triggered errors in Microsoft Exchange mail servers, causing thousands... Read more
VULNERABILITIES
Cloud services used to distribute Netwire, Nanocore, and AsycnRat Malware
18 weeks ago
Malicious attackers have been using public cloud services from Amazon and Microsoft in their campaigns to deliver remote access trojans or RATS and use them to steal sensitive information from compromised systems. Employing existing infrastructure to support invasions is becoming more common. It eliminates the need for attackers to run... Read more
Malicious attackers have been using public cloud services from Amazon and Microsoft in their campaigns... Read more
VULNERABILITIES
New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
19 weeks ago
Log4j is a popular Java library developed by the open-source Apache Software Foundation. Developers use it to log error messages in apps and cloud services such as Minecraft, Steam, and Apple iCloud. This software is publicly accessible and collects and stores activity records on a server. This week, Apache released... Read more
Log4j is a popular Java library developed by the open-source Apache Software Foundation. Developers use... Read more
VULNERABILITIES
Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges
21 weeks ago
Researchers at security firm Praetorian warned of a third separate security weakness in Log4j version 2.15.0, soon after Cloudflare revealed on Wednesday about threat actors actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility making it possible to carry out denial-of-service (DoS) attacks. This... Read more
Researchers at security firm Praetorian warned of a third separate security weakness in Log4j version... Read more
VULNERABILITIES
Log4J—The Latest Cybercrime Storm
21 weeks ago
Log4j vulnerability has kickstarted a storm in the cyber world. Being famously called "a Fukushima moment for the cybersecurity industry," the security risk is leading to a monumental number of attacks attempting to exploit it. The vulnerability, also known as Log4Shell, was first discovered by LunaSec researchers. Log4Shell is an... Read more
Log4j vulnerability has kickstarted a storm in the cyber world. Being famously called "a Fukushima... Read more
VULNERABILITIES
New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers
23 weeks ago
A new form of malware that targets Nginx servers has been attacking E-commerce platforms in the U.S., Germany, and France in an attempt to masquerade its presence and slip past detection by security solutions. Nginx, a free and open-source software, is a web server that can also be used as... Read more
A new form of malware that targets Nginx servers has been attacking E-commerce platforms in... Read more