17 Jan 2020

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Infinite Client and WP Time Capsule, two WordPress plugins, contain vulnerabilities that leave sites open to attack. The bug is a critical authorization complication that allows adversaries access to the backend of a site without a password. The attacker only needs the admin username for the WordPress plugins. Both of

Read More
15 Jan 2020

Video appears to show two missiles striking Ukrainian passenger plane over Iran

New video footage appears to show missiles striking the Ukraine International Airlines Flight 752 on January 8. The plane crashed over the Iranian capital of Tehran, killing all 176 people on board. The crash caused international outrage after Tehran released a statement admitting to causing the crash after claiming that

Read More
14 Jan 2020

Website Collecting Australian Fire Donations Hit by Magecart

A website gathering donations to support the victims of the horrific wildfires in Australia has been attacked by a credential skimming malware, placing thousands of donors at risk. The hack may have compromised donors’ payment information. The attack was carried out using Magecart malware injected into the ATMZOW skimmer on

Read More
14 Jan 2020

US troops in Iraq got warning hours before Iranian attack

American troops knew about the impending missile barrage hours before they hit. Ain al-Asad airbase in western Iraq went on lockdown several hours before the attack, which was carried out by Iranian forces. The attack, which lasted nearly two hours, caused no US casualties, however, several troops were treated for

Read More
03 Jan 2020

Maze Ransomware Sued for Publishing Victim’s Stolen Data

The anonymous threat actors behind the Maze Ransomware attacks are being sued by a victim after an attack in early December left their information vulnerable. The victim, US company Southwire, claims that Maze accessed their network, stole and encrypted data, and later published the information after Southwire failed to pay

Read More
20 Dec 2019

Phishers prey on fans of latest Star Wars film

Researchers at Kaspersky, a cybersecurity company, have uncovered 65 malicious files disguised as copies of the Rise of Skywalker, the latest and final movie in the Star Wars trilogy, as well as over 30 phishing sites and media profiles posing as official movie accounts that distribute free copies of the

Read More
20 Dec 2019

New malware dropper is a “hornet’s nest” of dangerous software

A new malware dropper, dubbed the Legion Loader, has emerged. Deep Instinct researchers discovered the malware, and have since been referring to it as a “hornet’s nest” of malware due to its ability to infect computers and install additional malware on them. Although this is common among droppers, which are

Read More
20 Dec 2019

Wawa says POS malware incident impacts ‘potentially all locations’

American convenience store chain Wawa disclosed that they had been attacked with malware installed on its payment processing systems after their security team discovered the malware last week. The malware was installed on Wawa servers on March 4 and was not discovered until December 10. Data collected includes payment card

Read More
20 Dec 2019

Frankfurt shuts down IT network following Emotet infection

One of the largest financial hubs in the world has shut down its networks earlier this week as a result of a malware attack involving the infamous financial malware Emotet. Frankfurt has become the fourth Germany entity to shut down its IT network due to an attack in the past

Read More
18 Dec 2019

Industrial Cyber-Espionage Campaign Targets Hundreds of Companies

An advanced threat actor, nicknamed Gangnam Industrial Style, targeted hundreds of industrial companies across the globe, using a new version of an old info-stealer to extract sensitive data. The spear-phishing campaign comprises of malicious attachments disguised as PDF files, which drop Separ malware when clicked. Separe malware steals login data

Read More