A new FakeUpdates campaign targeting WordPress sites has been detected
20/03/2024Over the past few weeks, a new wave of the FakeUpdates malware, also known as SocGholish, has been detected, aimed at WordPress websites. The objective is to lure users into downloading remote access trojans, allowing attackers to take control of their systems. Since its emergence in 2017, FakeUpdates has been one of the most recurring malicious software in the cyber threat landscape. It has previously been associated with cybercriminal groups like Evil Corp, who monetize its use by selling access to infected systems. In this new campaign, cybercriminals are using JavaScript to target WordPress web pages, compromising compromised administrator accounts to introduce altered versions of WordPress plugins. These adulterated versions deceive users into downloading remote access trojans, granting attackers full control over infected devices. What is the most popular type of malware? In addition to the FakeUpdates attack, the threat index from Check Point Research, whose researchers have warned about this new attack, reveals around 200 suspicious content websites directed by ransomware groups. They utilize double extortion tactics to pressure victims into paying immediate ransoms. These attacks have impacted many companies, with the Lockbit3 ransomware being the most utilized by cybercriminals, followed by Play and 8base. The most exploited vulnerabilities by malicious actors include 'Web Servers Malicious URL Directory Traversal,' 'Command Injection Over HTTP,' and 'Zyxel ZyWALL Command Injection,' affecting numerous companies worldwide and allowing attackers to access and manipulate files or execute commands on compromised systems. In Spain, despite a 7% decrease in malware attacks in February, the most sought-after malware includes FakeUpdates, Qbot, and Pandora. In the case of FakeUpdates, it has affected 11.9% of companies in Spain. Mobile Malware In the realm of mobile devices, Anubis remains the most utilized malware in Spain, followed by AhMyth and Hiddad, all designed to compromise the security and privacy of Android device users by collecting confidential information and executing malicious actions.
[ ... ]
eero
eeroEero is an American startup that was founded in 2014, popularized for being able to create and launch to the market before any networking company, the first mesh WiFi device system in 2016. Very few companies at the time offered a better WiFi solution to consumers. They brought a novel and efficient home Wi-Fi system with high-speed performance, super secure in every room of your home, increasing the efficiency of your internet and reducing network congestion. Eero is currently and since 2017 a company owned by Amazon.
[ ... ]
QUIC, the new official network protocol to replace TCP
04/06/2021QUIC, the network protocol designed by Google, has been presented by the Internet Engineering Task Force, IETF, as a new official Internet standard to replace TCP, the current main standard. Google's QUIC (Quick UDP Internet Connections) network protocol is designed to reduce latency with retransmissions taking less time, potentially reducing the waiting time for search results by 8% on computers and 4% on mobile devices, according to the paper released by Google in 2017. QUIC will replace TCP, the current main standard of the Internet since 1974 - when it was still Arpanet - and on which the operation of Internet elements such as the World Wide Web (WWW) logic system, file transmission, 'emails' and remote administration depend. The new QUIC protocol has already been published by the IETF, making it an official network protocol.
[ ... ]