‘Thousands of WordPress websites use malicious plugins’
Researchers found malicious plugins on nearly 25,000 WordPress websites.
Researchers at the Georgia Institute of Technology discovered 47,337 malicious plugins on 24,931 unique WordPress websites. Each website used two or more infected plugins. 94 percent were actively engaged in malicious acti... Read more
Italy’s energy agency suffers malware attack
The attack forced the agency to shut down its IT systems for some time.
Italy’s energy agency, Gestore dei Servizi Energetici (GSE), suffered a malware attack on Sunday night and Monday morning, according to a report in Bloomberg. GSE is responsible for the country's energy security. Accordin... Read more
Atlassian warns of critical vulnerability in Bitbucket
Atlassian issued a security alert for its Bitbucket Server and Datacenter solution. A vulnerability allows hackers to execute arbitrary code on affected instances.
Bitbucket is a Git-based code tool for hosting, management and collaboration. The tool integrates with Atlassian's Jira and Trello s... Read more
PyPI packages under attack after phishers target developers
Developers and maintainers of PyPI are under attack by digital scammers through email phishing.
Several PyPI developers and maintainers have fallen for phishing scams conducted by digital scammers. The malicious campaign was disclosed by Adam Johnson, a project board member at Django, who receiv... Read more
New phishing scam targets Microsoft 365 accounts of executives
Mitiga finds the Microsoft 365 accounts of business executives under attack by malicious attackers who use a combined strategy of spear phishing and man-in-the-middle methods.
Cybersecurity firm Mitiga disclosed that a dubious Business Email Compromise (BEC) campaign is continuously targeting Mi... Read more
‘Ransomware group Hive hits telecom giant Altice’
RedPacket Security claims that telecom giant Altice fell victim to a cyberattack by ransomware group Hive.
RedPacket Security uses web crawlers to collect threat information on the dark web. According to the company, telecom giant Altice fell victim to a ransomware attack on August 9. The attac... Read more
Google Cloud launches VMTD to combat crypto mining
Google's Virtual Machine Threat Detection (VMTD) is now generally available. The service allows customers to detect crypto mining activity in their Google Cloud environments.
VMTD was released as a public preview six months ago. The service is now generally available to all Google Cloud users. N... Read more
Popular password manager LastPass hit by cyberattack
Popular password manager LastPass fell victim to a cyberattack. Hackers managed to steal technical information.
LastPass, one of the largest and most popular password managers, fell victim to a cyberattack about two weeks ago. An "unauthorized party" penetrated the dev environment by compromisin... Read more
Elastic includes SOAR in Elastic Security 8.4
Elastic revised its automation and feedback framework with Security Orchestration, Automation and Response (SOAR). The release of Elastic Security 8.4 should optimize data analysis through new integrations with the systems of Elastic's partners.
Security experts spend large amounts of time perfo... Read more
Avast launches ransomware shield for small businesses
Avast updated its Ransomware Protection functionality to give organizations an additional line of defense against ransomware threats.
According to Avast, the number of ransomware threats rose by 24 percent in 2022 compared to 2021. Hence, Avast revealed a new way to protect small businesses agai... Read more