Shadow PC warns of data breach as hacker tries to sell gamers’ info

October 12, 2023 at 08:59AM Shadow PC, a cloud gaming service, has notified customers of a data breach resulting from a social engineering attack on an employee. An info-stealer malware was used to steal customer data, including names, email addresses, dates of birth, billing addresses, and credit card expiration dates. Shadow has revoked the stolen …

Researchers Uncover Malware Posing as WordPress Caching Plugin

October 12, 2023 at 06:33AM Researchers have discovered a new type of malware that disguises itself as a WordPress plugin in order to gain control over compromised websites. The malware is capable of creating administrator accounts, remotely controlling the site, altering content, injecting spam links, and redirecting visitors to malicious sites. It is difficult to …

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

October 12, 2023 at 03:42AM A cyber attack campaign named Stayin’ Alive is targeting government and telecom entities in Asia using basic backdoors and loaders for delivering malware. The campaign’s infrastructure is similar to that used by ToddyCat, a China-linked threat actor known for cyber assaults in Europe and Asia. The attacks start with a …

Chinese ‘Stayin’ Alive’ Attacks Dance onto Targets With Dumb Malware

October 11, 2023 at 05:23PM Chinese APT group “ToddyCat” is using simple but constantly evolving custom backdoors and loaders to target telecommunications organizations in Central and Southeast Asia. The group, previously linked to Chinese espionage operations, uses spear phishing emails with archive files to exploit a DLL sideloading vulnerability. While the malware used by ToddyCat …

Curl Bug Hype Fizzles After Patching Reveal

October 11, 2023 at 04:24PM The cybersecurity community anxiously awaited the disclosure of two security flaws in the open source proxy resolution tool, Curl. However, after patches and bug details were unveiled, neither vulnerability lived up to the hype. The first flaw could allow data corruption or remote code execution, but it only affects a …

Data Thieves Test-Drive Unique Certificate Abuse Tactic

October 11, 2023 at 11:41AM Attackers are using a new method of certificate abuse to spread info-stealing malware, including stealing cryptocurrency from Windows systems. The campaign involves search engine optimization poisoning to deliver malicious pages promoting illegal software downloads. The malware uses special certificates with long strings of non-English characters, making them difficult to detect. …

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

October 11, 2023 at 08:54AM Over 17,000 WordPress websites were hacked in September 2023, double the number from the previous month. Around 9,000 of these websites were infiltrated using a security flaw in the tagDiv Composer plugin, allowing for cross-site scripting attacks. The Balada Injector malware is responsible for these attacks, which aim to redirect …

Microsoft to kill off VBScript in Windows to block malware delivery

October 10, 2023 at 12:46PM Microsoft plans to phase out VBScript in future Windows releases, after 30 years of use. VBScript will be available as an on-demand feature before being removed from the operating system. This move is likely due to the discontinuation of Internet Explorer and is part of Microsoft’s strategy to mitigate malware …

Badbox Operation Targets Android Devices in Fraud Schemes

October 10, 2023 at 04:40PM Human Security has revealed the details of a large-scale fraud scheme called “Badbox,” which involves Android TV streaming devices infected with malware. A consultant, Daniel Milisic, has provided a script and instructions to help users mitigate the threat. Around 74,000 Android devices globally are potentially impacted by the Badbox infection, …