Tag: security
Another major WordPress security flaw is putting thousands of websites at risk
Cybersecurity researchers from Defiant recently spotted a new malware strain targeting WordPress by impersonating an optimization plugin. The goal of the malware, it was said, was to grant the attackers administrative access to the WordPress website. While cleaning a website over the summer of 2022, the researchers discovered a plugin…
Read More
The US government is officially investigating the MOVEit vulnerability
The US Government has finally started its investigation into the MOVEit data breach that allegedly affected thousands of organizations around the world. The move follows Progress Software (the company that built MOVEit) filing a document with the US Securities and Exchange Commission (SEC) in which it stated it had been…
Read More
Apple is making passkeys easier than ever – if you have iOS 17 or macOS Sonoma
Users of Apple‘s latest devices have just been handed a security and convenience boost that should mean they can ditch password for the company’s own websites now. If you have a new iPhone running the latest iOS 17, an iPad with iPadOS 17, or a Mac with macOS Sonoma, then…
Read More
Hackers are using LinkedIn smart links to target users in phishing attacks
If you have a service that allows you to contact people, you can be sure hackers will try to abuse it to deliver malware or steal login credentials and other personally identifiable info. Case in point – LinkedIn Smart Links. The tool, offered as part of the professional social network’s…
Read More
Mirai DDoS could be back, as it adds 13 more router brands to its arsenal
The dreaded Mirai distributed denial of service (DDoS) botnet might be set for a return after researchers spotted a lookalike botnet expanding fast. Cybersecurity researchers from Fortinet recently observed a botnet called IZ1H9 adding a dozen new payloads. The botnet is based on Mirai, and targets routers from almost a…
Read More
Watch out – even Microsoft WordPad could be a Windows security threat now
Microsoft has fixed a flaw that allowed hackers to abuse the iconic WordPad application to steal NTLM hashes – cryptographic formats in which Windows stores user passwords. The vulnerability is tracked as CVE-2023-36563, a 6.5 severity score flaw described as an information disclosure bug. It’s apparently one of two flaws…
Read More