FBI Raises Awareness on the LockBit Ransomware Operation

Lockbit Ransomware

The FBI recently posted a flash alert asking for any suspicious activity linked to LockBit Ransomware to be reported immediately to the Cyber Squad. The LockBit Ransomware gang, who came on the scene in September 2019, announced the LockBit 2.0 Ransomware-as-a-Service (RaaS) in June 2021. The impact: When the LockBit infection spreads, it gains the […]

90 WordPress Plugins and Themes Hit in a Huge Supply Chain Attack

WordPress Plugins

WordPress’s security vendor, Jetpack, uncovered a widespread supply chain attack, which has successfully compromised 93 WordPress plugins and themes. Additionally, 53 plugins and 40 themes belonging to the developer AccessPress had a backdoor inserted into their source code. AccessPress addons are used in over 360,000 active websites. The impact: Admins who have unknowingly installed a […]

Log4Shell Vulnerability Conditions Mimicked in H2 Database Console

H2 Database Console

The JFrog security research team has discovered a vulnerability in the H2 database console. CVE-2021-42392 shares a root cause with the now infamous Log4Shell vulnerability. H2 is a popular open-source SQL database written in Java, which offers a lightweight in-memory solution, meaning data is not required to be stored on a disk. This makes […]

Severe Vulnerability Discovered in Java Logging Package – Log4j


As some of you may know, a severe vulnerability was discovered in Log4j, a Java logging package. This ubiquitous package is included in products such as those from Apache and Apple. Worse yet, this component is so widely used that it is believed to be present in multiple components within applications. This means that security teams worldwide […]

Siege Warfare – WordPress Sites Under Attack for 36 hours

WordPress Plugins Hacked

WordPress sites have been under attack for 36 hours, from 16,000 IP addresses. Threat Intelligence Analysts from Wordfence have reported an ongoing assault against 1.6 million WordPress sites. The traffic originates from 16,000 IPs and threat actors appear to be targeting four WordPress plugins and fifteen Epsilon Framework themes. One of which has no patch […]

Hundreds of Vulnerabilities in Common Wi-Fi Routers Affect Millions

Vulnerabilities in Common Wi-Fi Routers

Researchers from the German IT Magazine publisher CHIP discovered hundreds of potential vulnerabilities across nine vendors of popular wireless routers. The following vendors could be affected: Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, Linksys. The researchers analysed the configuration of network devices using the IoT Inspector’s firmware security platform, which performs automated checks for thousands […]

Google Project Zero Detects Vulnerabilities in Zoom

Vulnerabilities in Zoom

Security experts from Google Project Zero detected two vulnerabilities in the video conferencing application Zoom that heavily expose users to attacks. These vulnerabilities affect Zoom clients on Windows, macOS, Linux, iOS and Android. The impact: The first vulnerability, known as CVE-2021-34423, is a buffer overflow vulnerability that was given a CVSS base score of […]

“Cryptic Clouds” Hackers Compromise Google Cloud Accounts to Mine Cryptocurrency


Threat actors are actively exploiting misconfigured Google Cloud Platform (GCP) infrastructure to mine cryptocurrency. Google’s recent Threat Horizons report detailed that out of 50 recently compromised GCP instances, 86% were used for crypto mining. Statistics show that 48% of intrusions were the result of poor password hygiene and/or insecure API configurations. However, 26% […]

Microsoft Exchange Servers Compromised in Reply-Chain Attacks

Microsoft Exchange Servers

Threat actors are leveraging known vulnerabilities against unpatched Exchange servers to distribute malware and avoid detection by abusing internal reply-chain emails. Trend Micro researchers have discovered that threat actors have distributed malicious emails to internal employees on corporate networks through an interesting tactic. They start by exploiting Microsoft Exchange servers which remain vulnerable to ProxyLogon and […]

Avanan Observed a New Amazon Cyber Attack

Amazon Cyber Attack

Christmas is here, which can only mean that it is officially shopping season, and considering the supply chain issues, many have started to stock up, especially from Amazon. Unfortunately, this is where hackers find the perfect opportunity to use their expertise to spoof purchase notifications in order to get access to financial information. Typically, a hacker […]

Risk Crew