Active XSS Attacks Targeting Amp for WP WordPress Plugin
Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an active XSS attack is underway that targets these same vulnerabilities to install backdoors and create rogue admin accounts. [...]
https://www.bleepingcomputer.com/news/security/active-xss-attacks-targeting-amp-for-wp-wordpress-plugin/
Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an active XSS attack is underway that targets these same vulnerabilities to install backdoors and create rogue admin accounts. [...]
https://www.bleepingcomputer.com/news/security/active-xss-attacks-targeting-amp-for-wp-wordpress-plugin/
BleepingComputer
Active XSS Attacks Targeting Amp for WP WordPress Plugin
Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an active XSS attack is underway that targets these same vulnerabilitiesβ¦
Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. [...]
https://www.bleepingcomputer.com/news/security/emotet-returns-with-thanksgiving-theme-and-better-phishing-tricks/
After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. [...]
https://www.bleepingcomputer.com/news/security/emotet-returns-with-thanksgiving-theme-and-better-phishing-tricks/
BleepingComputer
Emotet Returns with Thanksgiving Theme and Better Phishing Tricks
After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.
MageCart Group Sabotages Rival to Ruin Data and Reputation
Cybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums. [...]
https://www.bleepingcomputer.com/news/security/magecart-group-sabotages-rival-to-ruin-data-and-reputation/
Cybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums. [...]
https://www.bleepingcomputer.com/news/security/magecart-group-sabotages-rival-to-ruin-data-and-reputation/
BleepingComputer
MageCart Group Sabotages Rival to Ruin Data and Reputation
Cybercriminals in the web-skimming business sabotage their competition by poisoning the payment data they exfiltrate from online stores. The losing party causing them to end up with a big fat nothing and a ruined reputation on underground forums.
Adobe Flash Player Update Released for Remote Code Execution Vulnerability
[...]
https://www.bleepingcomputer.com/news/security/adobe-flash-player-update-released-for-remote-code-execution-vulnerability/
[...]
https://www.bleepingcomputer.com/news/security/adobe-flash-player-update-released-for-remote-code-execution-vulnerability/
BleepingComputer
Adobe Flash Player Update Released for Remote Code Execution Vulnerability
Adobe released a security update yesterday that resolves a critical vulnerability in Flash Player that could allow malicious sites to execute code on your computer.
Amazon Data Leak Exposes Email Addresses Right Before Black Friday
f you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved. [...]
https://www.bleepingcomputer.com/news/security/amazon-data-leak-exposes-email-addresses-right-before-black-friday/
f you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved. [...]
https://www.bleepingcomputer.com/news/security/amazon-data-leak-exposes-email-addresses-right-before-black-friday/
BleepingComputer
Amazon Data Leak Exposes Email Addresses Right Before Black Friday
If you received a strange email from Amazon stating that they may have disclosed your email address due to a technical error, you are not alone. It seems a web site issue caused some user's email addresses to be disclosed and has since been resolved.
Mozilla Overhauls Content Blocking Settings in Firefox 65
In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization. [...]
https://www.bleepingcomputer.com/news/software/mozilla-overhauls-content-blocking-settings-in-firefox-65/
In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization. [...]
https://www.bleepingcomputer.com/news/software/mozilla-overhauls-content-blocking-settings-in-firefox-65/
BleepingComputer
Mozilla Overhauls Content Blocking Settings in Firefox 65
In Firefox 65, Mozilla is overhauling how users can configure the Content Blocking settings. With this version, the previously confusing configuration is replaced by three different modes that a user can select that offer varying degrees of blocking and customization.
German eID Authentication Flaw Lets You Change Identity
The authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth. [...]
https://www.bleepingcomputer.com/news/security/german-eid-authentication-flaw-lets-you-change-identity/
The authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth. [...]
https://www.bleepingcomputer.com/news/security/german-eid-authentication-flaw-lets-you-change-identity/
BleepingComputer
German eID Authentication Flaw Lets You Change Identity
The authentication process via German ID cards with RFID chips to certain web services can be manipulated to allow identity spoofing and changing the date of birth.
Microsoft Launcher Beta Gets a Big Update With New Features
Today, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-launcher-beta-gets-a-big-update-with-new-features/
Today, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-launcher-beta-gets-a-big-update-with-new-features/
BleepingComputer
Microsoft Launcher Beta Gets a Big Update With New Features
Today, Microsoft announced a big update for Microsoft Launcher and the build is currently rolling out to beta testers. The updated Microsoft Launcher includes a host of new features, improvements and refinements.
How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox. [...]
https://www.bleepingcomputer.com/news/security/how-a-security-test-for-dropbox-revealed-3-apple-zero-day-vulnerabilities/
When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox. [...]
https://www.bleepingcomputer.com/news/security/how-a-security-test-for-dropbox-revealed-3-apple-zero-day-vulnerabilities/
BleepingComputer
How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities
When Dropbox hired a security firm to perform a Red Team cyber attack simulation on their services, little did they know that they would discover zero day vulnerabilities in Apple products that could affect much more than Dropbox.
Split View Mode Is Now Available for Skype on Windows 10
This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time. [...]
https://www.bleepingcomputer.com/news/microsoft/split-view-mode-is-now-available-for-skype-on-windows-10/
This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time. [...]
https://www.bleepingcomputer.com/news/microsoft/split-view-mode-is-now-available-for-skype-on-windows-10/
BleepingComputer
Split View Mode Is Now Available for Skype on Windows 10
This new update to Microsoft's modernized Skype 8 brings Split View which allows you to simultaneously open multiple Skype chats. It's a pretty useful feature if you'd like to chat with multiple people at the same time.
PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday
With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts. [...]
https://www.bleepingcomputer.com/news/security/psa-phishing-levels-rise-ahead-of-black-friday-and-cyber-monday/
With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts. [...]
https://www.bleepingcomputer.com/news/security/psa-phishing-levels-rise-ahead-of-black-friday-and-cyber-monday/
BleepingComputer
PSA: Phishing Levels Rise Ahead of Black Friday and Cyber Monday
With the shopping season underway, cybercriminals are making efforts to capitalize from key holidays and users' craze for Black Friday and Cyber Monday discounts.
US Postal Service Exposes Data of 60 Million Users for Over a Year
The US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service. [...]
https://www.bleepingcomputer.com/news/security/us-postal-service-exposes-data-of-60-million-users-for-over-a-year/
The US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service. [...]
https://www.bleepingcomputer.com/news/security/us-postal-service-exposes-data-of-60-million-users-for-over-a-year/
BleepingComputer
US Postal Service Exposes Data of 60 Million Users for Over a Year
The US Postal Service ignored for more than a year an authentication oversight that exposed the account details of 60 million users to anyone that logged into the web service.
Aurora / Zorro Ransomware Actively Being Distributed
A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past. [...]
https://www.bleepingcomputer.com/news/security/aurora-zorro-ransomware-actively-being-distributed/
A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past. [...]
https://www.bleepingcomputer.com/news/security/aurora-zorro-ransomware-actively-being-distributed/
BleepingComputer
Aurora / Zorro Ransomware Actively Being Distributed
A ransomware that has been distributed since the summer of 2018 has started to pick up steam in the latest variant. This new variant is currently being called Zorro Ransomware, but has also been called Aurora Ransomware in the past.
Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months. [...]
https://www.bleepingcomputer.com/news/security/rotexy-mobile-trojan-launches-70k-attacks-in-three-months/
A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months. [...]
https://www.bleepingcomputer.com/news/security/rotexy-mobile-trojan-launches-70k-attacks-in-three-months/
BleepingComputer
Rotexy Mobile Trojan Launches 70k+ Attacks in Three Months
A mobile spyware that turned into a banking trojan with ransomware capabilities managed to launch over 70,000 attacks in the course of just three months.
First GDPR Sanction in Germany Fines Flirty Chat Platform EUR 20,000
Following a hack that resulted in leaking online about 808,000 email addresses and over 1.8 million usernames and passwords, a social network website in Germany received a fine of EUR 20,000 from the Baden-WΓΌrttemberg Data Protection Office. [...]
https://www.bleepingcomputer.com/news/security/first-gdpr-sanction-in-germany-fines-flirty-chat-platform-eur-20-000/
Following a hack that resulted in leaking online about 808,000 email addresses and over 1.8 million usernames and passwords, a social network website in Germany received a fine of EUR 20,000 from the Baden-WΓΌrttemberg Data Protection Office. [...]
https://www.bleepingcomputer.com/news/security/first-gdpr-sanction-in-germany-fines-flirty-chat-platform-eur-20-000/
BleepingComputer
First GDPR Sanction in Germany Fines Flirty Chat Platform EUR 20,000
Following a hack that resulted in leaking online about 808,000 email addresses and over 1.8 million usernames and passwords, a social network website in Germany received a fine of EUR 20,000 from the Baden-WΓΌrttemberg Data Protection Office.
Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool
Google is adding the ability to remove force-installed extensions, or ones installed by Windows group policies, to the Chrome Cleanup Tool. [...]
https://www.bleepingcomputer.com/news/google/google-is-adding-force-installed-extension-removal-to-the-chrome-cleanup-tool/
Google is adding the ability to remove force-installed extensions, or ones installed by Windows group policies, to the Chrome Cleanup Tool. [...]
https://www.bleepingcomputer.com/news/google/google-is-adding-force-installed-extension-removal-to-the-chrome-cleanup-tool/
BleepingComputer
Google is Adding Force-Installed Extension Removal to the Chrome Cleanup Tool
Google is adding the ability to remove force-installed extensions, or ones installed by Windows group policies, to the Chrome Cleanup Tool.
The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More
This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-23rd-2018-stop-dharma-and-more/
This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-23rd-2018-stop-dharma-and-more/
BleepingComputer
The Week in Ransomware - November 23rd 2018 - STOP, Dharma, and More
This week has mostly been releases of new variants of existing ransomware. Not much of interest other than the developer of the DelphiMorix ransomware trolling ransomware researchers by utilizing their aliases as the extensions for encrypted files.
ECC Memory Vulnerable to Rowhammer Attack
Memory modules with error-correcting code (ECC) protection are vulnerable to Rowhammer, an attack that can help corrupt data the computer stores in its volatile memory chips. [...]
https://www.bleepingcomputer.com/news/security/ecc-memory-vulnerable-to-rowhammer-attack/
Memory modules with error-correcting code (ECC) protection are vulnerable to Rowhammer, an attack that can help corrupt data the computer stores in its volatile memory chips. [...]
https://www.bleepingcomputer.com/news/security/ecc-memory-vulnerable-to-rowhammer-attack/
BleepingComputer
ECC Memory Vulnerable to Rowhammer Attack
Memory modules with error-correcting code (ECC) protection are vulnerable to Rowhammer, an attack that can help corrupt data the computer stores in its volatile memory chips.
Chrome and Firefox Developers Aim to Remove Support for FTP
Google developers have wanted to remove FTP support from Chrome for years and an upcoming change in how files stored on FTP servers are rendered in the browser may be the first step in its ultimate removal. [...]
https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/
Google developers have wanted to remove FTP support from Chrome for years and an upcoming change in how files stored on FTP servers are rendered in the browser may be the first step in its ultimate removal. [...]
https://www.bleepingcomputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/
BleepingComputer
Chrome and Firefox Developers Aim to Remove Support for FTP
Google developers have wanted to remove FTP support from Chrome for years and an upcoming change in how files stored on FTP servers are rendered in the browser may be the first step in its ultimate removal.
Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency
A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. [...]
https://www.bleepingcomputer.com/news/security/backdoor-in-popular-javascript-library-set-to-steal-cryptocurrency/
A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. [...]
https://www.bleepingcomputer.com/news/security/backdoor-in-popular-javascript-library-set-to-steal-cryptocurrency/
BleepingComputer
Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency
A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet.