Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called âDisplay Widgetsâ on your WordPress website, remove it […]
Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open source analytics and search tool Elasticsearch that were running PoS malware. According to Kromtech, this is just a portion of the overall number of compromised […]
The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor […]
The US Department of Homeland security banned government agencies for using software products developed by Kaspersky Lab Bad news for security firm Kaspersky, the US Department of Homeland security banned government agencies for using software products developed by Kaspersky Labs. The ban was the response to the concerns about possible ties between Kaspersky and Russian […]
Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities including Blueborne issue. Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities in almost any supported versions of Windows and other MS products. The batch includes security update to addresses […]
Experts found a new alarming method dubbed Bashware attack that allows attackers to silently run malware to bypass even the most common security solutions, The new Windows 10 feature Windows Subsystem for Linux (WSL)Â that implements the Linux bash terminal in Microsoft operating system could be exploited by malware to run undetected. The feature was recently […]
This month, Adobe has patched only two vulnerabilities in Flash Player, both are critical issues that could be exploited for remote code execution. The vulnerabilities are tracked as CVE-2017-11281 and CVE-2017-11282, they were discovered by Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero. Both vulnerabilities are caused by memory corruption issues and affect the Flash Player […]
Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new stealthy remote attack dubbed BlueBorne attack. Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new remote attack, even without any user interaction and pairing. The unique condition for BlueBorne attacks is that targeted devices […]
Brute Force Attack Report – This article is going to cover an attack we have had on a new network from the second it was connected to the internet. Instantly we were collecting data showing the determination of people trying to gain ârootâ access to our Server. Our data shows us that on the 21/August/2017 […]
MongoDB company implements new data security features in response to the recent wave of ransom attacks that hit installations worldwide. You have to admit that the bad actors are very good at leveraging a vulnerability into a lucrative opportunity. The latest example comes from MongoDB,  a popular, open source database commonly deployed for big data applications on […]