This entry was posted in Research, Wordfence, WordPress Security on December 5, 2018
The Defiant Threat Intelligence team recently began tracking the behavior of an organized brute force attack campaign against WordPress sites. This campaign has created a botnet of infected WordPress websites to perform its attacks, which attempt XML-RPC authentication to other WordPress sites in order to access privileged accounts.
The threat actors use a group of four command and control (C2) servers to send requests to over 14,000 proxy servers provided by a Russian proxy provider called best-proxies[.]ru. They use these proxies to anonymize the C2 traffic. The requests pass through the proxy servers and are sent to over 20,000 infected WordPress sites. Those sites are running an attack script which attacks targeted WordPress sites.
Your tax dollars not at work. A security researcher claims the US Postal Service ignored a security flaw affecting 60 million users, until it was contacted by journalist Brian Krebs.
11/29/2018 09:12 PM EST Original release date: November 29, 2018
As the holidays draw near, many consumers turn to the internet to shop for goods and services. Although online shopping can offer convenience and save time, shoppers should be cautious online and protect personal information against identity theft. Identity thieves steal personal information, such as a credit card, and run up bills in the victim’s name.
The US Department of Justice has charged eight men from Russia and Kazakhstan with running a vast ad-fraud scheme that milked a total of $36 million from advertisers. Three of the accused – Aleksandr Zhukov, Sergey Ovsyannikov and Yevgeniy Timchenko – have been arrested in different countries pending extradition to the US, with Boris Timokhin, Mikhail Andreev, Denis Avdeev, Dmitry Novikov, and Aleksandr Isaev still at large, an announcement said.
From VPN Geeks. Unfortunately, with technology on the rise, there’s more room for cyber crime in 2018. According to the Cyber Security Breaches Survey 2018, 43% of businesses were a victim of a cyber security breach in the last 12 months. In the U.S., the state of California lost more than $214 million through cyber crime alone.
Cisco’s Visual Networking Index forecast update for 2018 shows that there will be 1.4 billion more people using the internet by 2022 than the 3.4 billion users in 2017. There will also be significant growth in M2M and in 5G connections.
The 4.8 billion users represent about 60% of what the global population will be in 2022, assuming there will be 8 billion people on the planet. Having more internet users also means that ever-increasing quantities of data will be transmitted over the internet, establishing the multi-zettabyte era. By 2022, internet users will consume 4.8 zettabytes of data a year, which is 11 times the amount of IP traffic generated in 2012, with 437 exabytes.
A zettabyte is 1 trillion gigabytes, or 1,000,000,000,000,000,000,000 bytes. (A byte equals a single letter.)
Microsoft’s multi-factor authentication (MFA) for Microsoft Office 365 and Azure Active Directory has fallen over for the second time in a week.