Tag Archives for " hacking "

Thousands of WordPress sites backdoored with malicious code

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.

All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.

Source: Thousands of WordPress sites backdoored with malicious code | ZDNet

The 6 most popular cyberattack methods hackers use to attack your business

Cyberattacks show no sign of slowing down this year, according to a Wednesday report from Positive Technologies. Q2 2018 saw a 47% increase in cyberattacks over Q2 2017, with targeted attacks outnumbering mass campaigns as cybercriminals grow more sophisticated. Most cases involved targeted attacks on companies and their clients, as well as cryptocurrency exchanges, the report found. This article looks at six most popular cyberattack methods criminals used in Q2 2018, according to the report.

Read article: The 6 most popular cyberattack methods hackers use to attack your business – TechRepublic

Facebook Hack Puts Thousands of Other Sites at Risk

Ten years ago, the social network introduced a password system that connected it to a broad swath of the internet. Now we are seeing the downside. The hack and its fallout underscore the lengths to which Facebook has cemented itself as the identity of the internet, and what happens when the security systems of one company — trusted by so many — fail.

Full article: Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

The Facebook hack could be Europe’s first big online privacy battle

In a massive breach more than 50 million Facebook accounts has been compromised using a series of unpublished vulnerabilities to hijack session keys on an unprecedented scale. The new breach is a real contrast with previous GDPR fights, which have largely had to do with policy decisions and terms of service. It is not a clash about wording of privacy policies or providing advertisers with access to data but rather liability of service provider to ensure security of it’s service.

Source: The Facebook hack could be Europe’s first big online privacy battle – The Verge

Australia’s spyware law could expose phones to exploitation

Peter Dutton’s proposed legislation to expand the government’s surveillance capabilities into telecommunication devices through the inclusion of spyware risks could create “systemic weakness or vulnerability” that would be open to exploitation, Australia’s peak industry group has warned.

The Australian Industry Group has responded to the call for consultation on the assistance and access bill by warning of unintended consequences from the home affairs minister’s push to force telcos and tech giants, including Apple, Samsung, Google and Facebook, to include concealed “backdoors” into devices and messaging platforms.

Source: Australia’s spyware law could expose phones to exploitation, business group warns

Cyber-criminals target new companies, new supply chains

Cyber-criminals are seeking out new prey. Industries that previously had a lower threat profile – such as oil-and-gas, manufacturing, and shipping – are now falling victim to cyber-attacks at an increasing rate. In some cases, the cyber criminals are using the supply chains of companies in these industries as entry points for the attacks.

Read article: Cyber-criminals target new companies, new supply chains..

Companies may try to bypass GDPR fines by negotiating with cybercriminals

Europol, the EU’s policing agency, released a report on September 18 in which they warned that EU data protection laws may lead to an increase in cyber-extortion. Claim that companies may prefer to negotiate fees with hackers rather than pay GDPR fines was drawn up from responses to a survey Europol had sent out to private partners.

Europol goes on to warn that if such companies are to negotiate with cybercriminals, then they “will only fund further attacks and other criminal activity” and that the organisation at risk has no guarantee that “the attacker will not disclose or otherwise exploit information.”

Source: Companies may try to bypass GDPR fines by negotiating with cybercriminals, Europol say – EURACTIV.com

1 2 3 16
>