MATA malware framework exploits EDR in attacks on defense firms

October 18, 2023 at 12:28PM

The MATA backdoor framework has been observed in attacks targeting oil and gas firms and the defense industry in Eastern Europe between August 2022 and May 2023. The attacks used spear-phishing emails to trick victims into downloading malicious executables that exploit a vulnerability in Internet Explorer. The updated MATA framework …

Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites

October 12, 2023 at 10:38AM

Researchers have discovered a sophisticated malware hidden within an authentic-looking WordPress caching plugin. This malware can create admin accounts and remotely activate plugins, giving threat actors complete control over infected websites. The malware can be difficult to detect and has features like conditional content filtering and file modification capabilities. WordPress …

ToddyCat hackers use ‘disposable’ malware to target Asian telecoms

October 12, 2023 at 10:34AM

A campaign known as “Stayin’ Alive” has been targeting government organizations and telecom service providers in Asia with disposable malware since 2021, according to cybersecurity firm Check Point. The attacks originate from the Chinese group ToddyCat and use spear-phishing emails to distribute malware loaders and backdoors. Check Point believes there …

Researchers Uncover Malware Posing as WordPress Caching Plugin

October 12, 2023 at 06:33AM

Researchers have discovered a new type of malware that disguises itself as a WordPress plugin in order to gain control over compromised websites. The malware is capable of creating administrator accounts, remotely controlling the site, altering content, injecting spam links, and redirecting visitors to malicious sites. It is difficult to …

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

October 11, 2023 at 08:54AM

Over 17,000 WordPress websites were hacked in September 2023, double the number from the previous month. Around 9,000 of these websites were infiltrated using a security flaw in the tagDiv Composer plugin, allowing for cross-site scripting attacks. The Balada Injector malware is responsible for these attacks, which aim to redirect …