The year 2019 is likely to see an increase of state actors taking aim at the private sector in foreign companies, continuing an ongoing trend over the past several years, according to the 2019 Cyber Threat Outlook published by defense industry firm Booz Allen Hamilton on Monday. The report cites economically-motivated attacks, that aim to “steal information, such as intellectual property and ...
Read More »Blog
Attackers Use CoAP for DDoS Amplification
Attackers recently started abusing the Constrained Application Protocol (CoAP) for the reflection/amplification of distributed denial of service (DDoS) attacks, NETSCOUT warns. CoAP is a simple UDP protocol designed for low-power computers on unreliable networks that appears similar to HTTP, but which operates over UDP (User Datagram Protocol) port 5683. The protocol is mainly used by mobile phones in China, but is also ...
Read More »Over 3000 Magneto shops have been hacked via insecure extensions in the last 3 months
Attackers use an extension bug to download other extensions and later search for zero-day security issues.Failing to keep the extensions up-to-date is one of the main cause for the rise in such attacks. In the latest research, it has been found that Magneto shops can be targeted by leveraging vulnerable third-party extensions or modules. The attackers can abuse these weak ...
Read More »Top WordPress attacks: Insight into major attacks that involved compromise of WordPress sites
WordPress is the most popular content management system which is based on PHP and MySQL. A recent study revealed that WordPress-associated vulnerabilities have seen a 30% increase in 2018 when compared to the previous year. The number of vulnerabilities related to WordPress recorded in 2018 was 542. Moreover, most of these vulnerabilities, almost 98% were related to WordPress plugins and only 2% ...
Read More »Google works on spotting dodgy ‘evil domains’
Google is working on a way for Chrome to do a better job of spotting fake websites that seek to trick people into handing over personal information. It is concentrating on websites that use letters and numbers to approximate a recognised brand. The work will mean Chrome will warn people they are about to visit sites it believes are fake. ...
Read More »Cookieminer: New malware targets Macs to steal from cryptocurrency wallets
Malware can bypass multi-factor authentication to gain access to cryptocurrency wallets – and also drops mining malware on infected machines. Mac users are being targeted with newly discovered Mac malware that aims to steal the contents of cryptocurrency wallets. Dubbed CookieMiner by researchers because of its capability for stealing browser cookies associated with cryptocurrency exchanges and wallet service websites visited ...
Read More »Updated version of Remexi malware leveraged to spy on foreign diplomats in Iran
The malware boasts a variety of capabilities such as recording keystrokes, taking screenshots of Windows and stealing credentials, logins, and the browser history.Once installed, the malware first connects with the C2 server of hackers in order to receive malicious commands. An updated version of Remexi malware was used in a cyber-espionage campaign that targeted Iranian IP addresses late last year. ...
Read More »25 Saudi children trained in cybersecurity
JEDDAH: The pilot phase of a program to introduce Saudi children to the basics of programming concluded on Thursday.The Saudi Federation for Cyber Security, Programming and Drones (SAFCSP) organized the “Programming for Young Saudis” event at its headquarters in Riyadh in cooperation with technology company Oracle.The program introduced 25 Saudi children aged between 8 and 14 to the basics of ...
Read More »Chrome fixes many flaws: Patch Tuesday – Week 4, January 2019
This week we saw the release of major web browser updates coming Google Chrome and Mozilla FIrefox. On the other hand, Linux distributions like Ubuntu and Debian also patched their software to fix multiple security vulnerabilities. AVEVA Aveva is a British IT firm that specializes in engineering and industrial software. The firm has released an update to its product Wonderware ...
Read More »Mozilla brings out Anti-Tracking Policy with Firefox 65
Firefox 65 comes with a host of improvements focused on privacy and security, as well as usability. The browser also puts into action the anti-tracking policy which was released earlier this week by Mozilla. With the introduction of Firefox 65, Mozilla is aggressively promoting its stance on privacy protection. The opensource giant has now introduced an anti-tracking policy into its ...
Read More »