Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


WordPress Sites Compromised via Zero-Day Vulnerabilities in Total Donations Plugin

It is our recommendation that site owners using Total Donations delete–not just deactivate–the vulnerable plugin as soon as possible to secure their sites. The following article details the issues present in Total Donations, as well as the active attacks against the plugin. We’ll also take a look at ...

Continue Reading →
0

The Old is New Again – Return of the Trojan Horse

Trojan horse, backdoor, and spyware exploits are back with a vengeance, according to a recent report by cybersecurity firm Malwarebytes.  These exploits may seem like old and out-of-date attack vectors, but these tools have been updated and revamped, and are appearing at an alarming rate.  Last year, Trojan horse deployments increased by 132%, backdoors increased by 173%, and spyware exploits increased 142%.

Crypto-ransomware and crypto-jacking exploits have been the hot and sexy ...

Continue Reading →
0

Chinese Attacks Against MSPs and IT Support Companies Puts Clients At Risk

US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs.  An MSP provides support principally by using remote monitoring, remote access, and remote control software products.  They install a monitoring tool called an “agent,” and a command and control device on the ...

Continue Reading →
1

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers

and

APTs Targeting IT Service Provider Customers

10/03/2018 10:56 AM EDT  Original release date: October 03, 2018

The National Cybersecurity and Communications Integration Center (NCCIC) has received multiple reports of advanced persistent threat (APT) actors actively exploiting trust relationships in information ...

Continue Reading →
0

The Swiss Army Knife of Hacker-ware

Have you ever wondered just what an attacker can do once they gain access to your computer?  A 21 year old software coder is facing prison time for developing the ultimate Swiss Army knife of an “administrators'” tool-kit.  This tool was sold to over 6,000 people through an extensive affiliate marketing network.  Many of his customers were cyber-criminals who used the ...

Continue Reading →
0

Six Simple Malware Removal Tips Anyone Can Use

You think you just got a malware infection on your computer, but you’re not sure, and you aren’t sure what to do.  Take it to the Geek Squad or another qualified IT shop?  If only there were simple things you could try on your own.  The good news is there are, and we will show you some of them today.

  • So it seems you might have a malware issue.  These are my ...
Continue Reading →
0

Ten Signs of a Malware Infection

I just finished helping a client with a strange issue that I thought might be malware related, and we successfully fixed his issue by email, without having to meet or even set up a remote support session.  And it occurred to me that I have not covered the issue of malware remediation in ages.  Since this can be a fairly easy DIY project for most computer users, I thought a fresh ...

Continue Reading →
0

WordPress JetPack Exploit Hijacks Websites for Tech-Support Scam

Bad actors are using compromised WordPress.com accounts and the popular Jetpack plugin to add a malicious plug-in of their own that turns compromised websites into a vehicle for perpetrating a fake tech support scam.  Attackers are using stolen user names and passwords from other breaches and trying these credentials on WordPress.com to find accounts.  They are even searching whois records for website domain names registered with the same email account as the stolen user name.

Continue Reading →
0

What Security Advice Do The Experts Offer?

I recently read an article from Heimdal Security about online safety.  In this article Heimdal had asked 18 experts in the field of cybersecurity for their top 3 ideas about how to stay secure.  The contributors included top cybersecurity professionals from several anti-malware companies, security bloggers, and cybersecurity industry professionals.  The original article is here.

What I found interesting were the ...

Continue Reading →
0
Page 1 of 4 1234