Are you one of the million-plus website owners making use of Ninja Forms for WordPress? If so, be aware that the company has recently patched a serious security flaw that allowed hackers to inject malicious code and take over websites. The attack is accomplished via a Cross-Site Request Forgery (CSRF) that leads to a Stored […]
Tag Archives: Malware and Virus Protection
If you’re like a lot of people stuck at home during the pandemic, you probably ran out of Netflix titles to watch a couple of weeks ago. As a result, researchers have noted a huge surge in traffic to torrent sites as more and more people are drawn to downloading movies illegally in search of […]
Recently, security companies all over the world have seen a surge in spam, hacking, and scam campaigns that are taking advantage of the fear and confusion surrounding the global pandemic. They’re using promises of COVID-19 information and access to pandemic-related equipment as hooks to lure people into clicking on links or downloading poisoned files. Although […]
A few new variants of the Agent Tesla info-stealer malware have been spotted in the wild and should be on your radar if they’re not already. The new variants are more dangerous than previous versions of the malware. They now sport a module that enables them to scrape WiFi passwords from devices they invest. That […]
WooCommerce is a WordPress-based, free plugin that makes it incredibly easy to sell just about anything online. With more than five million installations, it’s clearly a favorite on the web. Unfortunately, its popularity also makes it an easy target. Ben Martin and Willem de Groot are researchers with Sanguine Security. They found a new attack […]
Are you familiar with Astaroth? If you’re a data security professional, you’ve probably at least heard the name. The group gained some notoriety last year when it came to light that they had developed a means of spreading “fileless malware” using legitimate Windows tools to infect machines around the world. The Windows Defender ATP team […]
A Pakistani-based hacking group that goes by a variety of names, including “Transparent Tribe,” “APT36,” “Mythic Leopard” and others has been discovered to be behind a particularly nasty attack recently. Researchers with QiAnXin’s RedDrip Team discovered a phishing campaign bearing the group’s stamp. This new campaign utilizes poisoned files that appear to be health advisories […]
There’s a new malware threat to be aware of, called “CookieThief,” which is an apt name that describes what the malware does. Honestly though, the Hackers missed the mark here. “CookieMonster” would have been a much better name option. In any case, it’s part of a growing new collection of malware strains that is able […]