Blog

Monero Miners use Google Tag Manager

Attackers distribute the Coinhive Miner using Google Tag Manager
Monero hunters, specializing in the introduction of the Coinhive Miner, have adopted the Google Tag Manager.

As the security researcher Troy Mursch told The Register, he discovered Coinhive on the website of ...

In the popular WordPress plugin Formidable Forms are found and fixed critical vulnerability

The popular Formidable Forms plug-in, available in both free and paid versions, has more than 200,000 active installations. The plugin offers website owners a tool for creating contact pages, polls, polls and other forms
The well-known Finnish researcher Jouko Pynnönen, ...

Google Advanced Protection: more protection at the expense of convenience

A week ago, on October 17, Google introduced enhanced security features for the Gmail account, targeting primarily civil servants and journalists using the company’s services. Experts do not consider the panacea a new set of tools for Advanced Protection, but ...

Announced new security features of Chrome, the engine ESET among them

Yesterday, Googleinfo-icon announced three new security features of the Chrome browser
The features which will help to detect and combat malicious extensions and programs.

First of all, Chrome will detect the addition of changes to the user’s default settings. These include ...

Oracle fixed 20 dangerous vulnerabilities in Java SE

In total, Oracle fixed 252 vulnerabilities in its products
Oracle released the October security update Critical Patch Update 2017, which fixes a total of 252 vulnerabilities in a number of products, including Oracle Database Server and Java SE.
The company ...

Hackers scan sites in search for private SSH-keys

A publication of a report on the lack of adequate protection for SSH led to an unexpected surge of scans
Hackers scanned Web sites running WordPress in search for directories containing private SSH keys, in order to hack them with ...

Closed critical vulnerability in the PeopleSoft kernel engine

Closed on Tuesday, October 17, a vulnerability with remote code execution as part of a large quarterly issue of Oracle’s critical patches has become an alarming call for businesses using PeopleSoft with open access from the Internet
This bug with ...

Security of Java applications at a low level

Veracode has released a report on the state of application security for the period from April 1, 2016 to March 31, 2017. The new statistics are based on the analysis of about 250 billion lines of code obtained during 400 ...

Google Play again found the malware that integrated infected devices into an advertising botnet

Experts at Symantec found in the applications from Google Play malware Sockbot
Experts at Symantec found in the applications from Google Play malware Sockbot, which combined infected devices into a botnet. As a result, in early October 2017, eight programs ...

Google started a reward program for finding a vulnerabilities in Play Store applications

A well-known proverb says: “better late than never”. This is exactly the case with GOOGL’s latest decision.

As you may know, a variety of malware and “problem” applications are found in the official directory of Google Play. Apparently, neither automated control ...

The Chrome Web Store removed the Adblock Plus clone

Before Google noticed an error, the extension was downloaded by about 37 thousand users
The extension, imitating a popular tool for blocking Adblock Plus ads, was posted on the Chrome Web Store. Before Google noticed the error, the extension was ...

LINUX KERNEL FIXES A TWO YEAR OLD VULNERABILITY

The problem allowed obtaining a superuser rights on the system
Linux kernel eliminates the dangerous privilege vulnerability found more than two years ago. The problem was discovered by a Google employee Michael Davidson in April 2015 and wad fixed in ...

WordPress plugin detected a backdoor

The backdoor was contained in the fake X-WP-SPAM-SHIELD-PRO plugin
An unknown hacker introduced a backdoor into the source code of the WordPress plugin that masquerades as an anti-spam tool called X-WP-SPAM-SHIELD-PRO.

Apparently, the attacker tried to use the reputation of a ...

Magento fix 35 vulnerabilities in two products

The WordPress plugin “Display Widgets” distributes malware
On September 14, Magento, developing the same-name online store management system, released updates for Magento Commerce and Magento Open Source, eliminating numerous vulnerabilities, in particular, a critically serious remote code execution error.

In summary, ...

The WordPress plugin “Display Widgets” distributes malware

The plug-in “Display Widgets”, numbering more than 200 thousand installations, was finally removed from the plug-ins directory to WordPress after a series of incidents, which resulted in the substitution of malicious code for new releases.

This code was a backdoor allowing ...

1 2 3 4 5
Skip to content