0 Comments
The developer of a popular WordPress plugin has updated its product to fix a critical vulnerability that could be exploited to change the appearance of websites. Elementor is marketed as a leading website building platform for WordPress, enabling over five million users to easily create websites for themselves or their business without writing any code. However,
0 Comments
Microsoft has revealed how a coordinated operation helped disrupt a notorious Trojan used widely around the world to facilitate ransomware and other attacks. ZLoader was spawned from the infamous Zeus banking Trojan, but like similar malware TrickBot and Emotet, it underwent significant development over the years, adding new functionality. As such, it soon evolved from
0 Comments
The MetroHealth System in Cleaveland, Ohio, recently disclosed a data breach involving 1700 of its patients. In a recent statement, MetroHealth announced that on November 13, while the health system’s electronic medical records systems were being upgraded, 1700 patient records were unintentionally disclosed. The breach involved patient names, care provider names and appointment details. MetroHealth claimed
0 Comments
As many as five security vulnerabilities have been addressed in Aethon Tug hospital robots that could enable remote attackers to seize control of the devices and interfere with the timely distribution of medication and lab samples. “Successful exploitation of these vulnerabilities could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive
0 Comments
The number of publicly reported data breaches in the US increased by double digits year-on-year in the first three months of 2022, according to the Identity Theft Resource Center (ITRC). The non-profit claimed that the increase represents the third successive year in which Q1 figures have exceeded those recorded 12 months previously. The vast majority
0 Comments
ESET researchers provided technical analysis, statistical information, and known command and control server domain names and IP addresses ESET has collaborated with partners Microsoft’s Digital Crimes Unit, Lumen’s Black Lotus Labs, Palo Alto Networks Unit 42, and others in an attempt to disrupt known Zloader botnets. ESET contributed to the project by providing technical analysis,
0 Comments
One of the world’s most notorious hacking marketplaces, RaidForums, has been shut down and its infrastructure seized in a major cross-border law enforcement operation. Operation TOURNIQUET, which was coordinated by Europol in support of the independent investigations of the US, UK, Sweden, Portugal and Romania, also led to the arrest of the RaidForums’ administrator and two of
0 Comments
by Paul Ducklin Three years ago, we published an article with the dramatic-sounding title Serious Security: Post-Quantum Cryptography (and why we’re getting it). As you probaby know, so-called quantum computers work in a rather mysterious way compared to conventional computers, inasmuch as they can perform certain sorts of calculation so that they effectively “compute” all
0 Comments
This ICS-capable malware targets a Ukrainian energy company This is a developing story and the blogpost will be updated as new information becomes available. Executive summary The blogpost presents the analysis of a cyberattack against a Ukrainian energy provider. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company
0 Comments
Researchers have disclosed a previously undocumented local file inclusion (LFI) vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server’s IP address, and other network information. “The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded ability
0 Comments
Scammers who tricked victims into handing them control of their PCs managed to steal nearly £58m last year, according to official UK police figures. Some 20,144 individuals fell victim to such “remote access tool” (RAT) scams in 2021, according to Action Fraud, the country’s national reporting centre for fraud and cybercrime. Losing on average around £2800 per
0 Comments
Cybersecurity researchers are warning of two different information-stealing malware, named FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. “Designed to send stolen credentials and cookies to a Command & Control server, FFDroider disguises itself on victim’s machines to look like the instant messaging application ‘Telegram,'” Zscaler ThreatLabz researchers Avinash
0 Comments
The multifaceted nature of modern supply chain risks was highlighted by Jon France, CISO for (ISC)², during (ISC)² Secure London this week. France, who was appointed the first-ever CISO of (ISC)² earlier this year, emphasized that rapid digitization across all industries had significantly widened organizations’ threat landscape during COVID-19. “Speed can sometimes be the enemy of risk,” he noted,
0 Comments
China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to Recorded Future’s Insikt Group, a sophisticated remote access trojan which has been dubbed a
0 Comments
The Information Commissioner’s Office (ICO) is currently investigating a cyber-attack across TrustFord branches throughout the UK. The vehicle dealer group revealed the attack, which is believed to have been committed by the Conti ransomware gang, affected the firm’s internal systems. In particular, access to the internet and phones within the business was affected. However, TrustFord assured
0 Comments
The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. “The exploitation allows threat actors to download the Mirai sample to the ‘/tmp’ folder and execute them after permission change using ‘chmod,'” Trend Micro researchers