Security News

Secure your CMS-based websites against pervasive attacks
2022-05-12 08:00

Sucuri Security's 2021 Website Threat Research Report has revealed that payment card skimmers are becoming more common in exploit kits affecting WordPress websites, and that attackers are spending more time customizing them to avoid detection. Current attack trends point to attackers targeting sites using Magento, OpenCart, PrestaShop, and those using the WooCommerce plugin for WordPress.

Everything We Learned From the LAPSUS$ Attacks
2022-05-12 00:27

Some of these passwords were common words, which are extremely susceptible to dictionary attacks. Setting up a password policy that requires lengthy and complex passwords is a good start, but there is more that companies should be doing.

Malicious NPM Packages Target German Companies in Supply Chain Attack
2022-05-11 18:28

Cybersecurity researchers have discovered a number of malicious packages in the NPM registry specifically targeting a number of prominent companies based in Germany to carry out supply chain attacks. "Compared with most malware found in the NPM repository, this payload seems particularly dangerous: a highly-sophisticated, obfuscated piece of malware that acts as a backdoor and allows the attacker to take total control over the infected machine," researchers from JFrog said in a new report.

New stealthy Nerbian RAT malware spotted in ongoing attacks
2022-05-11 14:49

A new remote access trojan called Nerbian RAT has been discovered that includes a rich set of features, including the ability to evade detection and analysis by researchers. The email campaigns were discovered by researchers at Proofpoint, who released a report today on the new Nerbian RAT malware.

Microsoft closes Windows LSA hole under active attack
2022-05-11 01:15

Microsoft patched 74 security flaws in its May Patch Tuesday batch of updates. At least one of the vulnerabilities disclosed is under active attack with public exploit code, according to Redmond, while two others are listed as having public exploit code.

Critical F5 BIG-IP vulnerability targeted by destructive attacks
2022-05-10 22:50

A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable. Last week, F5 disclosed a vulnerability tracked as CVE-2022-1388 that allows remote attackers to execute commands on BIG-IP network devices as 'root' without authentication.

US, Europe formally blame Russia for data wiper attacks against Ukraine, Viasat
2022-05-10 20:58

The US and the European Union have officially blamed Russia for a series of destructive data-wiping malware infections in Ukrainian government and private-sector networks - and said they will "take steps" to defend against and respond to Kremlin-orchestrated attacks. Beginning in January, and continuing after Russian troops illegally invaded Ukraine the following month, as Ukrainian websites were vandalized or pummeled offline in distributed denial-of-service attacks, Russian cyberspies planted malicious data-destroying code in Ukraine's computers.

Hackers have carried out over 65,000 attacks through Windows’ Print Spooler exploit
2022-05-10 20:28

A new report, from cybersecurity company Kaspersky, has found that cybercriminals conducted approximately 65,000 attacks through Windows' Print Spooler application between July 2021 and April 2022.

Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
2022-05-10 19:10

May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack and two publicly known vulnerabilities. First and foremost, we have CVE-2022-26925, an "Important" spoofing vulnerability in Windows Local Security Authority that may turn into a "Critical" one if combined with NTLM relay attacks.

Conti Ransomware Attack Spurs State of Emergency in Costa Rica
2022-05-10 11:54

Costa Rican President Rodrigo Chaves declared a state of national cybersecurity emergency over the weekend following a financially motivated Conti ransomware attack against his administration that has hamstrung the government and economy of the Latin American nation. The attack, attributed to the prolific Conti ransomware group, occurred three weeks ago, not long after Chaves took office; in fact, the state of emergency was one of his first decrees as president.