Technology

High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites

Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. “This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site’s administrator into performing […]

High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites Read More »

Dark Web’s Largest Marketplace for Stolen Credit Cards is Shutting Down

UniCC, the biggest dark web marketplace for stolen credit and debit cards, has announced that it’s shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. “Don’t build any conspiracy theories about us leaving,” the anonymous operators of UniCC said in a farewell posted on

Dark Web’s Largest Marketplace for Stolen Credit Cards is Shutting Down Read More »

Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons

Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming

Chrome Limits Websites’ Direct Access to Private Networks for Security Reasons Read More »

A New Destructive Malware Targeting Ukrainian Government and Business Entities

Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. “The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable,”

A New Destructive Malware Targeting Ukrainian Government and Business Entities Read More »

New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking

A software bug introduced in Apple Safari 15’s implementation of the IndexedDB API could be abused by a malicious website to track users’ online activity in the web browser and worse, even reveal their identity. The vulnerability, dubbed IndexedDB Leaks, was disclosed by fraud protection software company FingerprintJS, which reported the issue to the iPhone maker on November

New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking Read More »

Massive Cyber Attack Knocks Down Ukrainian Government Websites

No fewer than 70 websites operated by the Ukrainian government went offline on Friday for hours in what appears to be a coordinated cyber attack amid heightened tensions with Russia. “As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily

Massive Cyber Attack Knocks Down Ukrainian Government Websites Read More »

Get Lifetime Access to Cybersecurity Certification Prep Courses

You can’t go far in professional IT without being asked for some key certifications. In particular, most large companies today require new hires to be well versed in the fundamentals of cybersecurity. Adding the likes of CISSP, CISM, and CompTIA CASP+ to your résumé can open the door to many opportunities — including six-figure roles. There is

Get Lifetime Access to Cybersecurity Certification Prep Courses Read More »

Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks

In an unprecedented move, Russia’s Federal Security Service (FSB), the country’s principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations. The surprise operation, which it said was carried out at the request of the U.S. authorities, saw the law enforcement agency conduct

Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks Read More »

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited by a remote attacker to take control of an affected system. Tracked as CVE-2022-20658, the vulnerability has been rated 9.6 in severity on the

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM Read More »

Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies

Ukrainian police authorities have nabbed five members of a gang that’s believed to have helped orchestrate attacks against more than 50 companies across Europe and the U.S and caused losses to the tune of more than $1 million. The special operation, which was carried out in assistance with law enforcement officials from the U.K. and U.S.,

Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies Read More »