WordPress Plugin PageLayer leaves 200k sites vulnerable
Author: Sergiu Gatlan
Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions.
PageLayer is a WordPress...
WastedLocker Ransomware Using Hacked Websites to Spread via Fake Software Updates
Dozens of US news sites hacked in WastedLocker ransomware attacks
By Sergiu Gatlan
Image: C Drying
The Evil Corp gang hacked into dozens of US newspaper websites owned by the same company to infect...
Russian Military Hackers Sandworm Exploiting Mail Software Says NSA
By Sergiu Gatlan
The U.S. National Security Agency (NSA) says that Russian military threat actors known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software...
Google Analytics Used By Cybercriminals to Steal Credit Card Data
Attackers inject malicious code that collects payment data onto a hacked site.
Cybercriminals use Google Analytics to steal credit card information from compromised e-commerce sites. According to experts from Kaspersky Lab,...
Misconfigured Kubernetes Target Of XMRig Mining Campaign
XMRig Campaign Target Misconfigured Kubernetes to Mine Cryptocurrency
Kubernetes clusters, due to their cloud computing capabilities and widespread use, are the perfect target for crypto-mining campaigns. A widespread XMRig Monero-mining...
Major Twitter Hack – Hackers Run Bitcoin Scam Using Celebrity and Verified Accounts
By Kyle Fedorek
2020 has been one heck of a year. From COVID-19 to real world issues and the presidential debate. It seems just when you think it cant get...
Tor Zero Days And Malicious Exit Nodes
Multiple zero-day vulnerabilities in Tor have been disclosed online as well as a malicious exit node operator stealing bitcoin and other nefarious activities.
A security researcher has disclosed two zero-days...
Algolia Search Service Hacked Using Salt Vulnerability
May 8, 2020
The search service Algolia reported a hack during which attackers exploited a vulnerability in the software for setting up Salt servers and gained access to the service infrastructure. The criminals...
Critical SonicWall VPN Portal Bug Allows DoS, Worming RCE
The CVE-2020-5135 stack-based buffer overflow security vulnerability is trivial to exploit, without logging in.
A critical security bug in the SonicWall VPN portal can be used to crash the device...
Amazon Stops Largest DDoS Ever Recorded By Their Systems
Amazon says it mitigated the largest DDoS attack ever recorded
By @JonPorty Jun 18, 2020, 7:31am EDT
An attack with a previously unseen volume of 2.3 Tbps
Amazon Web Services recently had to defend...
