Security News > 2020 > November

A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. Welcart e-Commerce is a free WordPress plugin that has more than 20,000 installations - it enjoys top market share in Japan, according to WordPress.

The feds have seized their largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. In 2014, the FBI auctioned off 30,000 Bitcoins that the government seized in the initial takedown, which were housed in wallet files stored on Silk Road servers.

Italian spirits brand Campari has restored its company website following a recent ransomware attack. Ransomware attacks have been on the rise since the beginning of the pandemic last spring.

The day after Thanksgiving became known as Black Friday because it was a day on which so much retail trade was done that many retailers, in a good year at least, would make enough money to bring their annual trading accounts into the black, leaving them with the rest of the Christmas shopping season to make their profit for the year. With Black Friday now popular not just in the US but all over the world, there's no global Thursday Thanksgiving holiday that ties Black Friday to a specific Friday, or even to a Friday at all.

At least one ransomware operator appears to have added to their arsenal an exploit for a recently patched vulnerability in Oracle WebLogic. Tracked as CVE-2020-14882 and considered critical severity, the vulnerability was addressed in Oracle's October 2020 Critical Patch Update.

The infamous Maze ransomware gang announced today that they have officially closed down their ransomware operation and will no longer be leaking new companies' data on their site. Ransomware demands continue to rise as data exfiltration becomes common, and Maze subdues: the Coveware Quarterly Ransomware Report describes ransomware incident response trends during Q3 of 2020.

Researchers have uncovered a new worm targeting Linux-based x86 servers, as well as Linux internet of things devices. Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules available - leading researchers to call it "Gitpaste-12." It was first detected by Juniper Threat Labs in attacks on Oct. 15, 2020.

The criminals who took out Scotland's Dundee and Angus College made a ransom demand that precisely added up to the contents of its bank account - and that was no accident, its principal has said. In a postmortem interview with academic IT nonprofit Jisc, Simon Hewitt lifted the lid on the 31 January ransomware attack, which went on for days and saw the college's entire IT estate almost completely wiped.

Microsoft has added a new group policy in Windows 10 20H2 that allows you to disable a new feature that customizes the taskbar based on what accounts or devices you have. In the Windows 10 Insider Build 20161, Microsoft introduced a new feature called "Programmable Taskbar" that customizes the Windows 10 taskbar when logging into an account for the first time.

A social housing provider in Norwich, England, has said it was hit with the Sodinokibi ransomware following what it assumes was a successful phishing attack. "Whilst the investigation is still going on we can confirm that the incident was caused by ransomware, known as Sodinokibi, via a suspected phishing attack," said Flagship in a statement on its partially pwned website.