Keylogger Campaign Returns, Infecting 2,000 WordPress Sites

Over 2,000 WordPress sites are infected as part of a keylogger campaign that leverages an old malicious script. Source: Threadpost

Sophisticated RedDrop Malware Targets Android Phones

A new strain of mobile malware found on an array of apps can pull out sensitive data – including audio recordings – from Android phones. Source: Threadpost

Military Contractor’s Vendor Leaks Resumes in Misconfigured AWS S3

Thousands of resumes and job applications from U.S. military veterans, law enforcement, and others were leaked by a recruiting vendor in an unsecured AWS S3 bucket. Source: Threadpost

Remote Code Execution Vulnerabilities Plague LibTIFF Library

Three vulnerabilities, all which can lead to remote code execution, exist in the LibTIFF library. Source: Threadpost

Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

Researchers have neutralized the latest strain of the Jaff ransomware, releasing a decryption tool for unlocking files. Source: Threadpost

Multiple Bugs Found in QNAP Q’Center Web Console

QNAP said in a security advisorythat it has fixed the issues in Q'Center Virtual Appliance, and urged customers to update to the latest version. Source: Threadpost

Hacking Back? BriansClub Dark Web Attack a Boon for Banks

The theft of 26 million card records from an underground site offers valuable intel for banks. Source: Threadpost

Google Hit With $2.7 Billion Antitrust Fine

Claiming the company abused its dominance as a search engine to push its shopping service, search giant Google was hit with a hefty $2.7 billion fine this week. Source: Threadpost

Legislation Proposed to Secure Connected IoT Devices

Internet of Things Cybersecurity Improvement Act would mandate stringent security for connected devices sold to the federal government. Source: Threadpost

Malware That Targets Both Microsoft, Apple Operating Systems Found

A new strain of malware is designed to spread malware on either Mac OS X or Microsoft Windows, depending on where it’s opened. Source: Threadpost
- Advertisement -

APLICATIONS

Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users

Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts. Source: Threadpost