10,000 hacked WordPress sites have caused thousands of PC infections

10,000 hacked WordPress sites have caused thousands of PC infections Specialists from Check Point found a group of hackers who organized malicious computer infestation campaigns through ads on websites, where cybercriminals distributed, cryptomayers, extortionists and bank Trojans. Experts said that they recorded more than 40 000 attempts of infection per week. Currently, the campaign is still active. Mostly, infection occurs through malicious advertisements. Experts believe that cybercriminals...


New Malicious PHP-script “Brain Food” infected 2400 website during one a week

Malicious PHP-script called Brain Food, is able to add a headache to web developers: it promotes questionable pharmaceutical products through pages hosted on legitimate sites. The new spam campaign is still quite successful, as it uses a PHP-script, implemented on the sites, well protected from detection. Over the past four months, Proofpoint specialists found 5,000 compromised sites infected by Malicious PHP-script "Brain Food". In a blog posted on Friday, the Proofpoint company said that over...


A new generation of phishing tools was discovered In Darknet

Check Point experts in together with CyberInt specialists have discovered new-generation phishing-tools for fake website building that are actively advertised in darknet. According to experts, these tools represent a more advanced generation of threats to create more compelling fake sites. The author of phishing tools is hiding under the pseudonym [A] pache and encourages users with low technical backgrounds to create their own phishing campaign to gather critical information about users. To...


Drupal Developers are forced to release a second patch for Drupalgeddon2

Drupal to release a second patch for Drupalgeddon2 Yesterday, the developers of Drupal announced that versions 7.x, 8.4.x and 8.5.x this week will receive new security updates, since the critical vulnerability in CMS, known as Drupalgeddon2, could not be completely fixed by the first patches. Release of updates scheduled for April 25 . These patches are designed to eliminate the recently disclosed critical vulnerability, which received the identifier CVE-2018-7600 and the name Drupalgeddon2....


In Drupal patched not too dangerous XSS Vulnerability

In Drupal closed XSS Vulnerability Last Wednesday, the Drupal team released updates with a patch for the XSS vulnerability in the CKEditor module of the CMS core. This gap, estimated as moderately dangerous, is relevant only for Drupal 8; users are advised to install Assembly 8.5.2 or 8.4.7. According to the developer's blog entry for the CKEditor JavaScript library, the chance of an XSS attack appears when you use the image2 plugin, an enhanced version of the image plug-in in this editor. This...


Server's of LimeSurvey service was attacked by hackers

Server's of LimeSurvey service was attacked by hackers Specialists from the company RIPS Technologies found a dangerous vulnerability in the popular service for organizing online surveys LimeSurvey. vulnerability allow you to run arbitrary code on web servers. LimeSurvey is a free open source Internet application. According to Securityweek, it is downloaded about 10 thousand times a month. Users install the client on their server and interact with the system through the web interface. Two...


Thousands of hacked sites infect visitors' computers with malicious software

Thousands of sites hacked and infect visitors’ computers with malware The other day it became known that a Hackers hacked several thousands of different sites by downloading malware to servers. It was done in order to infect the user PCs when they visited their compromised website. The hack campaign was carefully disguised, and was held at least a few months ago. Most hacked sites are built on open seorse CMS as WordPress, Joomla and SquareSpace . Information about the incident was...


For the first quarter of 2018, Consumer Cryptomining malware up 4,000%

For the first quarter of 2018, Consumer Cryptomining malware up 4,000 Specialists Malwarebytes published a report according to which the number of incidents of crypto-jacking for the first quarter of 2018 increased by 4000% compared to the same period last year. But the attacks of extortion programs on the contrary went to decline, their number decreased by 35%. The company presented an interesting infographics. For example, in the graph below you can estimate the number of malicious mining...


More than 1000 Magento website were hacked.

More than 1000 sites based on Magento were hacked.Data on bank cards was stolen, and resources were installed on miners Experts Flashpoint reported that they found a compromise of more than 1000 sites running Magento. According to the company, the attackers not only steal data about bank cards of users of these resources, but also infect the sites themselves with malicious scripts, including for crypto currency mining, or use sites to store other malicious programs. Researchers explain that mass...


New Critical Vulnerabilities in Drupal

A critical vulnerability has been fixed in Drupal A week ago on March 28, Drupal Security Team announced patches that close the critical bug in security, relevant for all versions of Drupal 6.x, 7.x and 8.x. The vulnerability allows an attacker to gain access to the hosting server with the rights of the web server. Hacker don't have exploit that exploits this vulnerability, but it is likely to appear in the very near future, therefore it is strongly recommended that all site owners on Drupal or...


Google improves security tools in Google Cloud, G Suite

Google Cloud Platform and G Suite security will be increase On Wednesday, Google announced a set of new security features for the Google Cloud Platform and G Suite. According to the company, new opportunities will give companies more control over their security environment. For the Google Cloud Platform, VPC Service Controls' virtual private cloud management services were implemented. Currently, the alpha version provides a firewall for API-based services, as well as functions to protect data...


Hackers hide a miner malware installer on Github

Be careful the miner malware installer is on Github Analysts of Avast Software reported a new method of a hidden distribution of crypto-currency miners. They found a malicious installer, hidden in IT projects on Github. The detected malicious program is spread exclusively through phishing advertising. It is mostly hosted on adult websites or resources dedicated to computer games. In addition to the banners that are tied to the server with a redirector on Github, the researchers found a portal...


New malware masks for IonCube files

New malware masks for IonCube files Security researchers from SiteLock warned administrators of WordPress and Joomla sites about new malware that masqueraded as legitimate ionCube files. Malware, called ionCube Malware, is used by cybercriminals to create backdoors on vulnerable websites, allowing them to steal data or install additional malware. According to researchers, malware was detected on more than 800 sites belonging to small companies operating on the platforms of CMS WordPress, Joomla...


The New version of WordPress 4.9.3 broke the automatic update function

The New version of WordPress 4.9.3 broke the automatic update function Site administrators working on WordPress have had a tough week when, on Monday, February 5 2018, a new version of CMS (WordPress 4.9.3) was published, which was supposed to fix a number of minor problems, but eventually, accidentally, corrupted the automatic updates mechanism, which allowed for independent CMS updates. Although the error was quickly noticed, and corrected the very next day in the WordPress 4.9.4 version,...


Phishing clone of Reddit site detected

Phishing clone of Reddit site detected A malicious clone of the popular Reddit site was found, it is located at reddit [.] Co A malicious clone of the popular Reddit site was found, it is located at reddit [.] Co. Apparently, the author of this clone expects that users will not be able to distinguish a fake. The site itself is phishing, designed to collect user names and passwords. The main page of the fake site is very similar to Reddit, but when clicking messages that are not photos or videos...