Details

HackerNews

14 April 2023

April 12, 2023  The Hacker News published that Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild.Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20 elevation of privilege vulnerabilities. The updates also follow fixes for 26 vulnerabilities in its Edge browser that were released over the past month....Read More......................

Details

The Guardian

14 April 2023

April 11, 2023  The Guardian published that the FBI is alerting consumers not to use public charging stations, warning that fraudsters could infect such machines with malware and steal their data.In the newly released warnings, bureau officials cautioned customers to avoid using public USB charging ports in airports, malls and hotels, noting that hackers could use the opportunity to access a person’s phone or tablet.“Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software on to devices,” the FBI’s Denver office said on Twitter recently....Read More......................

Details

Hackernews

13 April 2023

April 10, 2023  The Hackernews published that Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017.The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play out in waves once every few weeks. "This campaign is easily identified by its preference for String.fromCharCode obfuscation, the use of freshly registered domain names hosting malicious scripts on random subdomains, and by redirects to various scam sites," security researcher Denis Sinegubko said...Read More......................

Details

Hacker News

11 April 2023

April 7, 2023  Hackernews published that In yet another sign that Telegram is increasingly becoming a thriving hub for cybercrime, researchers have found that threat actors are using the messaging platform to peddle phishing kits and help set up phishing campaigns."To promote their 'goods,' phishers create Telegram channels through which they educate their audience about phishing and entertain subscribers with polls like, 'What type of personal data do you prefer?'," Kaspersky web content analyst Olga Svistunova said in a report published this week.The links to these Telegram channels are distributed via YouTube, GitHub, and the phishing kits that are developed by the crooks themselves. The Russian cybersecurity firm said it detected over 2.5 million malicious URLs generated using phishing kits in the past six months......Read More...................