The Wordfence Threat Intelligence Team just published details of an attack harvesting database credentials, targeting over 1 million WordPress sites. For 24 hours, attacks from this campaign accounted for 75% of all exploit attempts on plugins and themes across all of WordPress.
Both the free and paid versions of Wordfence protect you from this attack campaign.
Regards, Ram Gall – Senior QA Engineer
Also read Bruce Schneier’s article Global Surveillance in the Wake of COVID-19
Is this the kind of power we want to give the government? Contact tracing can be used to keep track of your friends and travels for purposes that have nothing to do with disease control. The first phase of Apple and Google’s contact tracing framework to help identify people at risk from coronavirus.
OUCH! BBC News was one of the many major media sites who reported May 12 that a media and entertainment law firm used by A-list stars including Rod Stewart, Robert De Niro, Sir Elton John, Lady Gaga, and apparently Donald Trump has been hacked.
The website for New York Grubman Shire Meiselas & Sacks is down and hackers claim to have 756 gigabytes of data including contracts and personal emails. News of the hack surfaced May 9 on Variety.com. The law firm said in a press statement: “We can confirm that we’ve been victimized by a cyber-attack. We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
Also at the KnowBe4 blog with links:
CISA, IRS, USSS, and Treasury Release Joint Alert on Scams Related to Coronavirus Economic Impact Payments
Original release date: May 21, 2020
The Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of the Treasury, Internal Revenue Service (IRS), and United States Secret Service (USSS) have released a Joint Alert with mitigations to help Americans avoid scams related to coronavirus economic impact payments—particularly attempts to steal payments, personal and financial information, and disrupt payment efforts.
CISA encourages consumers to review the Joint Alert, Avoid Scams Related to Economic Payments, COVID-19, and www.cisa.gov/coronavirus for more information.
At the start of COVID-19, much of cybersecurity focused on a rise in attacks against the healthcare industry. Now another significant cybercrime target is emerging: state unemployment benefit systems. Hackers are taking advantage of the unprecedented rise in unemployed Americans and the expanded benefits available. “This is a gut punch,” said Suzi LeVine, Commissioner of Washington’s Employment Security Department. Washington State is the epicenter of the attacks, and the federal government has revealed evidence of similar attacks in Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, and Wyoming. An alert issued by the U.S. Secret Service indicates that the scheme is coming from a well-organized Nigerian fraud ring… Read more
Unemployment is a particularly touchy subject surrounding COVID-19. The Ohio unemployment insurance website, and particularly the site’s “fraud reporting” form, was a perfect example of these tensions. The fraud form was supposed to prevent employees who refused to work from receiving unemployment benefits during a global pandemic. So one hacker decided to advocate for labor rights by doing exactly… Read more
Original release date: May 22, 2020
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Energy (DOE), and the UK’s National Cyber Security Centre (NCSC) have released Cybersecurity Best Practices for Industrial Control Systems, an infographic providing recommended cybersecurity practices for industrial control systems (ICS). The two-page infographic summarizes common ICS risk considerations, short- and long-term cybersecurity event impacts, best practices to defend ICS processes, and highlights NCSC’s product on Secure Design Principles and Operational Technology. CISA, DOE, and NCSC encourage users to review Cybersecurity Best Practices for Industrial Control Systems. For more in-depth information, visit CISA’s ICS Recommended Practices webpage and DOE’s Cybersecurity Capability Maturity Model (C2M2) Program webpage. For information on CISA Assessments, visit https://www.cisa.gov/cyber-resource-hub.
Mozilla is fixing a longstanding password problem to alert users when their password exceeds the maximum length allowed.
Original release date: May 20, 2020
Microsoft has released a security advisory that addresses a vulnerability affecting Windows DNS Servers. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200009 for more information and to apply the necessary mitigation or workaround.