24 Jan 2022

20K WordPress Sites Exposed by Insecure Plugin REST-API

More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing scams, and other cyber threats due to a high-severity cross-site scripting (XSS) bug affecting the WordPress Email Template Designer. The template designer is WP HTML Mail, a plugin that allowed users to design custom emails. Wordfence researcher Chloe

20 Jan 2022

Cheap malware is behind a rise in attacks on cryptocurrency wallets

Chainalysis has recently warned that a rise in cheap and easy-to-use malware has resulted in a rise in cryptocurrency theft. Cryptocurrency has been a popular target for cybercriminals, whether they are stealing it via cryptocurrency exchanges or demanding it as an extortion payment in ransomware attacks. The growing

13 Jan 2022

Ransomware Attack Takes Thousands Of U.S. School Websites Offline

Thousands of schools in the US were impacted by a ransomware attack that targeted Finalsite, a company that provides schools with hosted tools to manage their online presence and communications. Since the cyberattackers targeted Finalsite instead of individual school systems, thousands of school websites hosted by Finalsite went down at

13 Jan 2022

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Earlier this week, Microsoft issued a fix for a vulnerability that allows remote, unprivileged attackers to abuse Remote Desktop Protocol (RDP) from inside Windows devices. The flaw could allow attackers to hijack smart cards and gain unauthorized access to file systems. The bug, which is tracked as CVE-2022-21893, could lead

13 Jan 2022

Clinical Review Vendor Reports Data Breach

The Medical Review Institute of America (MRIoA) has suffered a cyberattack that may have exposed the personal data of over 134,000 individuals. The institute is based in Salt Lake City, Utah. The cyber incident was reportedly discovered on November 9, 2021, after unauthorized access was detected. According to MRIoA,

12 Jan 2022

Europol Ordered to Delete Vast Trove of Personal Information

Europol has been instructed to delete a massive data trove of information on individuals who have no links to criminal activity after previously failing to comply with regulations. Europol was ordered to delete the data by the European Data Protection Supervisor (EDPS) on January 3 after an inquiry was opened

11 Jan 2022

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating

Researchers have detected a critical vulnerability in the H2 open-source Java SQL database that bears similarities to the Log4J vulnerability. However, this flaw does not pose a widespread threat. Researchers stated that the flaw opens the door for an adversary to execute remote code on vulnerable systems. H2 is attractive

10 Jan 2022

US Issues Warning Over Commercial Spyware

The US government has issued a new warning regarding possible targets of commercial spyware. The entity also provided guidance on how individuals can protect themselves from unwarranted surveillance. In the announcement, the US National Counterintelligence and Security Center (NCSC) stated that governments across the world are using commercial surveillance software

10 Jan 2022

Cyberattackers Hit Data of 80K Fertility Patients

Attackers were able to steal data pertaining to almost 80,000 patients of Fertility Centers of Illinois (FCI) after a data breach was detected on February 1 of last year. Although the fertility centers’ security measures were able to safeguard electronic medical records, the attackers were still able to access highly

06 Jan 2022

Kazakhstan leaders shut down Internet amid gas price protests

Internet service in Kazakhstan was disabled this week after thousands took to the streets to protest a steep rise in gas prices. Although the internet was partially restored on Wednesday, Netblocks and Cloudflare reported evidence of significant disruption. The two security companies reported that they observed internet shutdowns in the
