|
Rescooped by Gust MEES from WordPress and Annotum for Education, Science,Journal Publishing |
Scoop.it!
Gust MEES's insight:
Research and publish the best content.
Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
Already have an account: Login
ICT Security-Sécurité PC et Internet
87.1K views |
+0 today
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by
Gust MEES
 Your new post is loading...
Your new post is loading...
Scoop.it!
Scoop.it!
Yahoo users have been targeted in a phishing attack that starts with an “avoid account deactivation” email.
Scoop.it!
We were alerted to reports of a mass compromise of WordPress sites that lead to CRIDEX infection. To lure users to these compromised sites, the cybercriminals behind this employed spammed messages purporting to come from known legitimate sources such Better Business Bureau and LinkedIn, just to name a few.
===> These spam use social engineering tactics to entice unsuspecting users to click the link found in the email. <===
Scoop.it!
Security researchers from TrendMicro are reporting on mass compromise of WordPress sites, currently serving client-side exploits and malware to users.
Scoop.it!
Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.
|
Scoop.it!
WordPress plugins are highly vulnerable, according to a recent report.
Gust MEES's insight:
Scoop.it!
WordPress installations received a security upgrade on Friday to patch a number of vulnerabilities.
The update to version 3.3.2, as well as 3.4 Beta 3, fixes issues in file uploaders Plupload and SWFUpload, and Adobe Flash embedding tool SWFObject. The new version also comes with fixes for several privilege escalation and cross-site scripting bugs.
Cyber criminals heavily use vulnerable WordPress sites to spread malware, and they may have been utilized in the recent Flashback trojan attacks on Mac OS X systems.
Scoop.it!
In late January 2012 and earlier this month, hundreds and perhaps thousands of ===> WordPress-based domains <===were compromised in a series of automated attacks. Though there was no official number given, the reason for the compromises has made itself known. They are being used as the final stage in a spam run, likely from the Cutwail botnet, to spread malware.
Exploit kits are looking to serve the Cridex Trojan, which harvests information such as cookies, FTP credentials and email accounts.
Scoop.it!
The Websense® ThreatSeeker® Network has detected a new wave of mass-injections of a well-known exploit that we've been following in Security LabsTM for months.
The majority of targets are Web sites hosted by the WordPress content management system. At the time of writing, more than 200,000 Web pages have been compromised, amounting to close to 30,000 unique Web sites (hosts).
The injection hijacks visitors to the compromised sites and rediects them to rogue AV sites that attempt to trick them into downloading and installing a Trojan onto their computer.
Scoop.it!
A few days ago, hundreds of websites, based on WordPress 3.2.1, were compromised. The attacker uploaded an HTML page to the standard Uploads folder and that page redirects the user to the Phoenix Exploit Kit.
Its logs show that users from at least four hundred compromised sites were redirected to Phoenix exploit pages.
|
Learn more:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Cybersecurity
Learn more:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Cybersecurity