Tag: security
Hackers are using LinkedIn smart links to target users in phishing attacks
If you have a service that allows you to contact people, you can be sure hackers will try to abuse it to deliver malware or steal login credentials and other personally identifiable info. Case in point – LinkedIn Smart Links. The tool, offered as part of the professional social network’s…
Read More
Mirai DDoS could be back, as it adds 13 more router brands to its arsenal
The dreaded Mirai distributed denial of service (DDoS) botnet might be set for a return after researchers spotted a lookalike botnet expanding fast. Cybersecurity researchers from Fortinet recently observed a botnet called IZ1H9 adding a dozen new payloads. The botnet is based on Mirai, and targets routers from almost a…
Read More
Watch out – even Microsoft WordPad could be a Windows security threat now
Microsoft has fixed a flaw that allowed hackers to abuse the iconic WordPad application to steal NTLM hashes – cryptographic formats in which Windows stores user passwords. The vulnerability is tracked as CVE-2023-36563, a 6.5 severity score flaw described as an information disclosure bug. It’s apparently one of two flaws…
Read More
Google says it blocked the largest DDoS attack ever detected
Google says has stopped the “largest Distributed Denial of Service” (DDoS) attack ever, and together with industry peers, discovered the vulnerability that made the attack possible in the first place. In a blog post outlining its work, Google says the blocked attack was 7.5 times larger than the largest-ever recorded…
Read More
Thousands of WordPress sites have been hit by another major plugin flaw – find out if you’re at risk
Tens of thousands of WordPress (WP) sites have been compromised through a flaw in popular premium themes, with the attackers using the vulnerability to redirect visitors elsewhere. As reported by BleepingComputer, cybersecurity researchers Sucuri recently discovered that tagDiv Newspaper and tagDiv Newsmag WordPress themes both carried a vulnerable companion tool…
Read More
Millions of hacked Android and iOS phones are being used to run a massive ad fraud campaign
Cybersecurity researchers from HUMAN recently discovered a major ad fraud botnet scheme they called PEACHPIT. The scheme involved dozens of apps, downloaded millions of times all across the world, generating huge amounts of money for the developers, through fraudulent advertising. To best understand PEACHPIT we need to take a step…
Read More