Security
September 19, 2017
Since we last reported on a version of the ELF Linux/Mirai malware containing cryptocurrency coin-mining tools in April, the IBM X-Force has noticed a steep increase in the volume of coin central processing unit (CPU) mining tools used in cyberattacks, specifically those targeting enterprise networks. According to IBM Managed Security […]
September 18, 2017
An unknown threat group compromised the CCleaner infrastructure. The attacker added malware to the CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191 installers, but the malware only executed on 32-bit systems and when run by a user with admin rights. The files were available for download between August 15 and September 12. […]
September 18, 2017
On Apache servers, .htaccess gives you great control over many important aspects of your site. .htaccess enables you to tighten security like (X-Security Header), optimize performance like (Cache Control), configure options, and much more. Also .htaccess works at the server level and can be much faster than scripted solutions. Here […]
September 1, 2017
Anubhav said the site was hosting a .zip archive that contained JavaScript that included obfuscated PowerShell. The PowerShell downloads a gif file which is in reality a Cerber executable. Cerber has been in circulation for more than a year, and like most
crypto-ransomware families, it has been spread by exploit kits, spam campaigns, and the same botnet used by the Dridex financial malware. Earlier this year, attackers were exploiting a critical Apache Struts vulnerability on Windows servers and dropping Cerber on the machines.
Anubhav and Mariano Palomo Villafranca, a malware analyst with Spanish telco Telefonica, today published an analysis of the attack. They point out that most U.S. .gov sites are whitelisted by reputation services, making them ideal malware hosts for attackers wishing to elude detection.
September 1, 2017
Unfortunately, there is a trend of Australian organisations who have experienced infections not reporting them, which is counter-productive to developing ways companies can implement safeguards against these types of attacks," he said. While the recent wave of cyber attacks have raised public awareness of Australia's vulnerability, Savvides said it's important to note that
despite the country's geographic isolation, it has never been isolated from threat.
"Australia consistently ranks in the top 10 of most attacked countries for a variety of cyber attacks, particularly ransomware due to
Australians' tendency to pay," he explained. "Australians have high disposable incomes, and a fairly laid-back attitude towards cybersecurity and data backup, making us ideal victims of cybercrime.
August 31, 2017
It’s important to understand how password protection on a folder works. When you choose to password protect a directory in cPanel, cPanel creates a rule in your .htaccess file. This rule specifies that the folder is protected and the visitor will need to provide the proper username and password to […]
August 31, 2017
What are WordPress Security Keys? WordPress Security Keys is a set of random variables that improve encryption of information stored in the user’s cookies. There are a total of four security keys: AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, and NONCE_KEY. Why use WordPress Security Keys? These security keys makes it harder to crack […]
August 31, 2017
A Canadian university transferred more than $11 million CAD (around $9 million USD) to a scammer that university staff believed to be a vendor in a phishing attack, a university statement published on Thursday states.
August 31, 2017
Most of the time a website running WordPress is hacked by a silly misconfiguration that could be avoided during its development. That’s the idea of this article: a checklist of actions that you should take to increase the security of any WordPress website. During installation steps: Change the default table […]