Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
Apr 24, 2023Ravie LakshmananServer Security / WordPress
Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as...
Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it...
Apr 24, 2023The Hacker NewsSaaS Security
A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies,...
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Apr 24, 2023Ravie LakshmananEndpoint Security / BYOVD
Threat actors are employing a previously undocumented "defense evasion tool" dubbed AuKill that's designed to disable endpoint...
Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
Apr 24, 2023Ravie LakshmananCyber Espionage
The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia,...
Enterprise-Attacking Malware Toolkit Analyzing 70 Billion DNS
The ‘Decoy Dog’ malware toolkit, aimed at enterprises, was uncovered recently by the security analysts at Infoblox by analyzing 70 billion DNS records and...
Zero-Day Flaw Used to Create Google Accounts
An Israeli cybersecurity company, Astrix’s Security Research Group, discovered a 0-day vulnerability in Google’s Cloud Platform (GCP) dubbed Ghosttoken on June 19, 2022, which...
New All-in-One
Apr 24, 2023Ravie LakshmananCyber Risk / Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale...
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Apr 24, 2023Ravie LakshmananThreat Intel / Cyber Attack
Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are...
What is Single Sign on (SSO) ?
Single Sign-on is an authentication process that helps to log in to multiple applications using single login credentials. Security is enhanced through Single Sign-on...
ChatGPT Tricked To Write Malware while user in Developer Mode
Japanese cybersecurity experts warn that ChatGPT can be deceived by users who input a prompt to mimic developer mode, leading the AI chatbot to...