0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times

Wordfence analysts have discovered that a fresh 0-day vulnerability in the popular WordPress plugin, BackupBuddy, which has been installed about 140,000 times, is under active attack. Since August 26, 2022, there have been about 5,000,000 hack attempts. The BackupBuddy plugin allows users to backup their entire WordPress installation right from the dashboard, including theme files,… Continue reading 0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times

North Korean Group Lazarus Attacks Energy Companies

A new malware campaign by the North Korean hacker group Lazarus has been discovered, which was active from February to July 2022. This time the hackers have targeted energy suppliers around the world, including companies in the US, Canada and Japan. Let me remind you that we also reported that Microsoft accused Russia and North… Continue reading North Korean Group Lazarus Attacks Energy Companies

MooBot Botnet Attacks D-Link Routers

Experts have discovered that the MooBot botnet, built on the Mirai IoT malware, attacks vulnerable D-Link routers using a combination of old and new exploits against them. Let me remind you that we also talked about ZuoRAT Trojan Hacks Asus, Cisco, DrayTek and NETGEAR Routers, and also that Information security specialists disclosed details of five… Continue reading MooBot Botnet Attacks D-Link Routers

The New Shikitega Malware Is Very Difficult to Detect and Eliminate

AT&T researchers have discovered a new Linux stealth malware called Shikitega that targets computers and IoT devices and uses privilege escalation vulnerabilities to run the Monero cryptocurrency miner on the infected devices. Shikitega can evade antivirus software with a polymorphic encoder that makes signature-based static detection impossible. Let me remind you that we also said… Continue reading The New Shikitega Malware Is Very Difficult to Detect and Eliminate

SharkBot Malware Infiltrates Google Play Store Again

Information security specialists from Fox IT discovered two applications in the Google Play Store that distribute the SharkBot Trojan: Mister Phone Cleaner and Kylhavy Mobile Security were installed more than 60,000 times in total. Let me remind you that we wrote that Researchers Found 35 Malware on Google Play, Overall Installed 2,000,000 Times, and also… Continue reading SharkBot Malware Infiltrates Google Play Store Again

Developer of CodeRAT Trojan Releases Source Code

The source code for the CodeRAT remote access trojan has been published on GitHub. This happened after the security researchers identified the malware developer and called him to account because of the attacks in which this “tool” was used. SafeBreach experts say that the attacks using CodeRAT were built as follows: the campaign, apparently, was… Continue reading Developer of CodeRAT Trojan Releases Source Code

Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp

Experts from eSentire established that the infrastructure used to hack Cisco in May 2022 was exploited to compromise an unnamed HR solutions company a month earlier. Researchers believe that malicious actors associated with Evil Corp. are behind these incidents. Let me remind you that we also said that Cisco Won’t Fix an RCE Vulnerability in… Continue reading Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp

The Japanese Government Decided to Fight the Use of … Floppy Disks

As it turns out, more than 1,900 administrative procedures in Japan still require the use of floppy disks. Now, the newly appointed head of Japan’s Ministry of Digital Reform, Taro Kono, has decided to declare “war” on floppy disks and other forms of obsolete media and move the submission process online. Let me remind you… Continue reading The Japanese Government Decided to Fight the Use of … Floppy Disks

Malware Hides in Images from the James Webb Telescope

Securonix researchers have noticed an interesting malware campaign that distributes a malware called GO#WEBBFUSCATOR written in Go. Hackers use phishing emails, malicious documents, and images from the James Webb telescope to spread it. Let me remind you that we also talked that MyKingz botnet uses Taylor Swift photo to infect target machines, and also that… Continue reading Malware Hides in Images from the James Webb Telescope

Hackers Are Now More Likely to Attack Not Large Hospitals, but Specialized Clinics

According to a new report from Critical Insight, hackers are increasingly targeting small healthcare companies and specialized clinics that lack the resources to defend themselves. While large healthcare systems, even despite having a huge amount of personal and medical data, usually have a more complex security system. By the way, we talked about the fact… Continue reading Hackers Are Now More Likely to Attack Not Large Hospitals, but Specialized Clinics