Grief Ransomware Targets NRA
Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. Continue reading Grief Ransomware Targets NRA
Category Archives: Web Security
WordPress Plugin Bug Lets Subscribers Wipe Sites
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable site, deleting nearly all database content and uploaded media.
Continue reading WordPress Plugin Bug Lets Subscribers Wipe Sites
Ransomware Attacks Are Evolving. Your Security Strategy Should, Too
Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti. Continue reading Ransomware Attacks Are Evolving. Your Security Strategy Should, Too
Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam
The kid was busted after abusing Google Ads to lure users to his fake gift card site. Continue reading Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam
War-Driving Technique Allows Wi-Fi Password-Cracking at Scale
A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood. Continue reading War-Driving Technique Allows Wi-Fi Password-Cracking at Scale
Apple Patches Critical iOS Bugs; One Under Attack
Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks. Continue reading Apple Patches Critical iOS Bugs; One Under Attack
Cyber Attack Cripples Iranian Fuel Distribution Network
The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens. Continue reading Cyber Attack Cripples Iranian Fuel Distribution Network
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
Continue reading SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Lazarus Attackers Turn to the IT Supply Chain
Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank. Continue reading Lazarus Attackers Turn to the IT Supply Chain
Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware
Fake Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.” Continue reading Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware