Tag Archives: Malware

Hackers have found yet another cloud-based service they can use to bypass email protection and land phishing emails straight into people’s inboxes.

Security researchers from Cisco Talos have reported observing malicious files built on digital document publishing (DDP) platforms, such as Publuu, Marq, FlipSnack, Issuu, FlippingBook, RelayTo and SimpleBooklet. These platforms allow users to create interactive flipbooks out of PDF files.

WordPress websites are under attack! FakeUpdates malware exploits vulnerabilities and injects malicious code. LockBit3 dominates the world of ransomware. Web server flaws leave organizations exposed. Experts advocate strong security and zero tolerance for cyber threats.

As of March 2024, approximately 835 million websites are utilizing the WordPress Content Management System (CMS). This vast presence makes WordPress an extremely lucrative target for cybercriminals.

To highlight the ongoing threats to WordPress, according to the February 2024 Global Threat Index released by Check Point Software Technologies Ltd., this week, researchers have uncovered a fresh wave of cyber threats including malware attacks aimed at WordPress websites.

The campaign, identified as

Bad actors are using fake Zoom, Microsoft’s Skype and Google Meet websites to distribute malware.

As discovered by Zscaler ThreatLabz researchers, threat actors have been impersonating video conferencing brands to spread various malware targeting both Android and Windows users since December 2023.

The spoofed sites, designed in Russian and hosted on URLs eerily similar to their legitimate versions, suggest that attackers are employing “typosquatting” tactics to entice potential victims into downloading malware — meaning some users might not notice the typo in the domain and so believe they will be on the legitimate website.

Zscaler ThreatLabz wrote:

The attacker utilized shared web hosting, hosting all these fake online meeting sites on a…

North Korean state-sponsored threat actors were observed using the recently discovered ScreenConnect vulnerabilities to steal sensitive data from their targets. 

A new report from Kroll shared with TechRadar Pro found a group known as Kimsuky (AKA Thallium) abused two flaws found in ConnectWise’s solution to drop ToddleShark, an upgraded version of the group’s other backdoors, BabyShark and ReconShark. 

Top web hosting company Hostinger says that 2023 proved to be a particular bumper year for malware, as its Monarx powered scanner service successfully identified and cleaned close to 500 million threats through the year, which equates to 250 instances per customer.

While this figure is half of what it was in 2022, this is largely due to the company’s successful efforts to combat Phoenix, an uploader notorious for delivering other malware to systems.