Widely used WebEx plugin for Chrome will execute attack code—patch now!

Publicly known “magic string” lets any site run malicious code, no questions asked. The Chrome browser extension for Cisco Systems WebEx communications and collaboration service was just updated to fix a vulnerability that leaves all 20 million users susceptible to drive-by attacks that can be carried out by just about any website they visit. A […]

WordPress Plugin Stop User Enumeration does not stop user enumeration

User Enumeration is the capacity to automatically figure out if a given account is valid on a system. By enumerating client accounts, you are in danger of locking out accounts after a predefined number of failed attempts. Stop User Enumeration is a module that stops client count dead, and furthermore it will log an event in your System […]

PluginPhantom: New Android Trojan Abuses “DroidPlugin” Framework

Recently, we discovered a new Google Android Trojan named “PluginPhantom”, which steals many types of user information including files, location data, contacts and Wi-Fi information. It also takes pictures, captures screenshots, records audio, and intercepts and sends SMS messages. In addition, it can log keyboard input via the Android accessibility service, acting as a keylogger. […]

Crooks exploit a zero-day in WordPress eCommerce Plugin to upload a backdoor

Experts from White Fir Design discovered that cybercriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites. The plugin is WP Marketplace, a […]

Fake Social Button Plugin Redirects to Angler EK

Compromised websites remain one of the surefire ways to redirect innocent visitors to exploit kits. During the past few days we’ve started seeing an unusual route to the infamous Angler EK, notorious for leveraging hacked WordPress and Joomla CMSs. This wasn’t via the common EITest or Darkleech paths, nor was it a direct injection of the landing URL […]

Popular WordPress Plugin Comes With a Backdoor, Steals Site Admin Credentials

Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin. When this plugin was removed from the official WordPress Plugin directory, the authors revived another WordPress account with a long abandoned plugin and uploaded SweetCaptcha as a “new version” of that plugin. In […]

WordPress Jetpack Plugin Patched Against Stored XSS Vulnerability

After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently been restored with the discovery of a critical vulnerability in a popular plugin. Insecure plugins have been at the heart of numerous attacks launched from compromised WordPress sites. One was patched this week in […]

Kovter AdFraud Malware Updates Flash Plugin to Latest Version

We all know that one of the basic procedures to keep our computer system secure and free from viruses and malware is to keep the operating system as well as the installed applications updated, as it makes sure that your system is not vulnerable to hackers. Apart from that, you must have heard from the […]

XSS Vulnerability Found in Famous WordPress Plugins

Researchers have identified a relatively “common” cross-site scripting (XSS) flaw in some famous WordPress plugins. A coordinated plugin update has been released to address the detected cross-site scripting vulnerability. In case you are using any of the WordPress plugins mentioned below, you must install the update released today to eliminate the “common” cross-site scripting vulnerability. Here […]

Vulnerability in WordPress Plugin Allows Hackers to take full control of website

WordPress’s MainWP Child Plugin has a vulnerability… and it is very much exploitable. Researchers at Sucuri have identified a vulnerability in the MainWP Child plugin for WordPress, which according to them is potentially exploitable and can allow hackers to fully control any website. Mickael Nadeau, Sucuri’s security and vulnerability researcher, revealed the finding in his blog […]

Modern viral propagation: Facebook, shocking videos, browser plugins

Fraudsters continue to innovate their scam propagation methods. Again using Facebook and a pretense of a shocking video, they also utilize browser plugins to execute malicious scripts. We also see how the malware scene is intertwined, when the user is directed to a dubious Potentially Unwanted Application. Facebook auto-like scams have been commonplace on the