We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a massive player in e-commerce as well, thanks to the adoption of WooCommerce and other plugins that can easily turn a WordPress site into a fully-featured online store. This popularity also […]
Key takeaways: Proofpoint identified multiple YouTube channels distributing malware by promoting cracked and pirated video games and related content. The video descriptions include links leading to the download of information stealers. The activity likely targets consumer users who do not have the benefits of enterprise-grade security on their home computers. Overview: Threat actors often target […]
PixPirate utilizes two apps, including a downloader and a hidden malware app, to steal information and automate fraudulent transactions on the popular Brazilian payment platform Pix.
In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware, and more. Ransomware remains primary cyberthreat for SMBs: The Sophos report also analyses initial access […]
Mar 14, 2024 | Newsroom | Malware / Cyber Attack: A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting […]
Mar 12, 2024 | Newsroom | WordPress / Website Security: A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks. “These attacks are orchestrated from domains less than a month old, […]
Linux Malware targets misconfigured Apache Hadoop, Confluence, Docker, and Redis servers | Pierluigi Paganini | March 07, 2024: A new Linux malware campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The threat actors […]
The ‘WogRAT’ malware targets both Windows and Linux systems and uses the online notepad platform ‘aNotepad’ to store and retrieve malicious code, making its infection chain stealthy.