Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis. The malicious JavaScript code has been found to be served […]
Category Archives: Uncategorized
Cybercriminals are ramping up their efforts in the Kingdom and targeting more than just petroleum firms; now, they’re aiming for Middle East organizations in the IT, government, construction, and real estate sectors too. Go to Source Author: Robert Lemos, Contributing Writer
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private […]
The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as “Sagerunex” against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft. Go to Source Author: Jai Vijayan, Contributing Writer
The chipmakers patched bugs, mostly critical and high severity, that affect everything from smartphones to TVs to artificial intelligence platforms. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The Iran-linked nation-state group made its debut with a stealthy, sophisticated, and laser-focused cyber-espionage attack on targets in UAE. Go to Source Author: Nate Nelson, Contributing Writer
The letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren’t made, though none of the organizations that received them had active ransomware attacks. Go to Source Author: Elizabeth Montalbano, Contributing Writer
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk […]
Many CISOs are weighing the benefits of going virtual as a consultant. Can the pendulum swing in the other direction? Go to Source Author: Richard Marcus