Attackers use an extension bug to download other extensions and later search for zero-day security issues.Failing to keep the extensions up-to-date is one of the main cause for the rise in such attacks. In the latest research, it has been found that Magneto shops can be targeted by leveraging vulnerable third-party extensions or modules. The attackers can abuse these weak ...
Read More »Author Archives: firewalltraining
Top WordPress attacks: Insight into major attacks that involved compromise of WordPress sites
WordPress is the most popular content management system which is based on PHP and MySQL. A recent study revealed that WordPress-associated vulnerabilities have seen a 30% increase in 2018 when compared to the previous year. The number of vulnerabilities related to WordPress recorded in 2018 was 542. Moreover, most of these vulnerabilities, almost 98% were related to WordPress plugins and only 2% ...
Read More »Google works on spotting dodgy ‘evil domains’
Google is working on a way for Chrome to do a better job of spotting fake websites that seek to trick people into handing over personal information. It is concentrating on websites that use letters and numbers to approximate a recognised brand. The work will mean Chrome will warn people they are about to visit sites it believes are fake. ...
Read More »Cookieminer: New malware targets Macs to steal from cryptocurrency wallets
Malware can bypass multi-factor authentication to gain access to cryptocurrency wallets – and also drops mining malware on infected machines. Mac users are being targeted with newly discovered Mac malware that aims to steal the contents of cryptocurrency wallets. Dubbed CookieMiner by researchers because of its capability for stealing browser cookies associated with cryptocurrency exchanges and wallet service websites visited ...
Read More »Updated version of Remexi malware leveraged to spy on foreign diplomats in Iran
The malware boasts a variety of capabilities such as recording keystrokes, taking screenshots of Windows and stealing credentials, logins, and the browser history.Once installed, the malware first connects with the C2 server of hackers in order to receive malicious commands. An updated version of Remexi malware was used in a cyber-espionage campaign that targeted Iranian IP addresses late last year. ...
Read More »25 Saudi children trained in cybersecurity
JEDDAH: The pilot phase of a program to introduce Saudi children to the basics of programming concluded on Thursday.The Saudi Federation for Cyber Security, Programming and Drones (SAFCSP) organized the “Programming for Young Saudis” event at its headquarters in Riyadh in cooperation with technology company Oracle.The program introduced 25 Saudi children aged between 8 and 14 to the basics of ...
Read More »Chrome fixes many flaws: Patch Tuesday – Week 4, January 2019
This week we saw the release of major web browser updates coming Google Chrome and Mozilla FIrefox. On the other hand, Linux distributions like Ubuntu and Debian also patched their software to fix multiple security vulnerabilities. AVEVA Aveva is a British IT firm that specializes in engineering and industrial software. The firm has released an update to its product Wonderware ...
Read More »Mozilla brings out Anti-Tracking Policy with Firefox 65
Firefox 65 comes with a host of improvements focused on privacy and security, as well as usability. The browser also puts into action the anti-tracking policy which was released earlier this week by Mozilla. With the introduction of Firefox 65, Mozilla is aggressively promoting its stance on privacy protection. The opensource giant has now introduced an anti-tracking policy into its ...
Read More »China, Russia Posing Biggest Cyber Attack Threats to United States, Says Chief of US National Intelligence
China, Russia, Iran, and North Korea increasingly use cyber operations to steal information, influence people and to disrupt critical infrastructure, said Dan Coats, Director of National Intelligence. Washington: Russia and China pose the biggest espionage and cyber attack threats to the United States and are more aligned than they have been in decades, the leader of the U.S. intelligence community told ...
Read More »New JobCrypter ransomware variant captures screenshots of infected devices
Security researchers have discovered a new variant of the two-year-old JobCrypter ransomware that now features an additional encryption layer and a much longer decryption key, making it more powerful and difficult to evade compared to its earlier variants. While analysing the ransomware, researchers at Trend Micro also observed that it features the ability to send a screenshot of a targeted ...
Read More »