Wordfence analysts report having detected a massive wave of attacks in the last couple of days, originating from 16,000 IPs and targeting over 1.6 million WordPress sites. The threat actors target four WordPress plugins and fifteen Epsilon Framework themes, one of which has no available patch. Some of the targeted plugins were patched all the way back in 2018, while others had their vulnerabilities addressed as recently as this week.
There is a new financially motivated threat group on the rise, and for a change, it doesn't appear to be interested in deploying ransomware or taking out high-profile targets. Researchers from Accenture Security have been tracking a group that calls itself "Karakurt," which means "black wolf" in Turkish and is the name of a venomous spider found in eastern Europe and Siberia. Karakurt focuses on data exfiltration and subsequent extortion, allowing it to move quickly.
Mozilla this week released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities, including several bugs rated high severity. Firefox 95 started rolling out to users earlier this week with the new RLBox isolation technology inside, meant to improve protections from web attacks by sandboxing potentially problematic subcomponents.
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. This hacking group, also known as APT-C-41 and Promethium, was previously seen distributing trojanized WinRAR installers in highly targeted campaigns between 2016 and 2018, so this technique is not new. The recent lure involves Notepad++, a very popular free text and source code editor for Windows used in a wide range of organizations.
A Russian national convicted earlier this year in the United States for his role in a cybercrime operation has been sentenced to four years in prison. Oleg Koshkin, 41, was given a 48-month prison sentence for one count of conspiracy to commit computer fraud and abuse and one count of computer fraud and abuse. He has been in custody since 2019, when he was arrested in California.
Exploit code has been released for a serious code-execution vulnerability in Log4j, an open-source logging utility that's used in countless apps, including those used by large enterprise organizations, several websites reported last Thursday. Word of the vulnerability first came to light on sites catering to users of Minecraft, the best-selling game of all time. The sites warned that hackers could execute malicious code on servers or clients running the Java version of Minecraft.
As many as 300,000 routers made by Latvia-based MikroTik are vulnerable to remote attacks that can surreptitiously corral the devices into botnets that steal sensitive user data and participate in Internet-crippling DDoS attacks, researchers said. The estimate, made by researchers at security firm Eclypsium, is based on Internet-wide scans that searched for MikroTik devices using firmware versions known to contain vulnerabilities that were discovered over the past three years.