Web Security

Ryuk Ransomware Attack Sprung by Frugal Student
Posted on Thursday May 06, 2021

The student opted for “free” software packed with a keylogger that grabbed credentials later used by "Totoro" to get into a biomolecular institute. 

Anti-Spam WordPress Plugin Could Expose Website User Data
Posted on Wednesday May 05, 2021

'Spam protection, AntiSpam, FireWall by CleanTalk' is installed on more than 100,000 sites -- and could offer up sensitive info to attackers that aren't even logged in.

Raft of Exim Security Holes Allow Linux Mail Server Takeovers
Posted on Wednesday May 05, 2021

Remote code execution, privilege escalation to root and lateral movement through a victim's environment are all on offer for the unpatched or unaware.

Feds Shut Down Fake COVID-19 Vaccine Phishing Website
Posted on Wednesday May 05, 2021

‘Freevaccinecovax.org’ claimed to be that of a biotech company but instead was stealing info from visitors to use for nefarious purposes.

Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs
Posted on Tuesday May 04, 2021

The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to China, to attack U.S. defense targets among others.

Sneakers, Gaming, Nvidia Cards: Retailers Can Stop Shopping Bots
Posted on Tuesday May 04, 2021

Jason Kent, hacker in residence at Cequence Security, says most retailers are applying 1970s solutions to the modern (and out-of-control) shopping-bot problem, and offers alternative ideas.

Bait Boost: Phishers Delivering Increasingly Convincing Lures
Posted on Tuesday May 04, 2021

An intense hunt for corporate account credentials will continue into next quarter, researchers predict.

Deepfake Attacks Are About to Surge, Experts Warn
Posted on Monday May 03, 2021

New deepfake products and services are cropping up across the Dark Web.

Experian API Leaks Most Americans’ Credit Scores
Posted on Thursday April 29, 2021

Researchers fear wider exposure, amidst a tepid response from Experian.

Multi-Gov Task Force Plans to Take Down the Ransomware Economy
Posted on Thursday April 29, 2021

A coalition of 60 global entities (including the DoJ) has proposed a sweeping plan to hunt down and disrupt ransomware gangs by going after their financial operations.

©2019 WiredZero.com