‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Ransomware in 2022: We're all screwed

Ransomware is now a primary threat for businesses, and with the past year or so considered the “golden era” for operators, cybersecurity experts believe this criminal enterprise will reach new…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Volvo announces some R&D files stolen during cyberattack

Volvo Cars has released a statement confirming a breach of sensitive files that resulted from a cyberattack. Volvo said it is now aware that “one of its file repositories has…

Sprawling Active Attack Aims to Take Over 1.6M WordPress Sites

Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts. An active attack against more than 1.6 million WordPress sites is underway, with researchers…

‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware

The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. There is a new financially motivated threat…

1.6 million WordPress Sites Were Attacked

WordPress is a free and open-source content management system (CMS) developed in PHP and used in conjunction with a MySQL or MariaDB database. WordPress started as a blog-publishing system but…

1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs

WordFence –  WordFence –  Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for attackers to update arbitrary…

Credit Card Swipers Injected into WordPress Plugins

As the holiday season is approaching, more and more people to rush to finish their Christmas shopping without being aware of the fact that cybercriminals don’t take time off for…