122 online forums compromised to redirect visitors to Fiesta exploit kit
Over a hundred forum websites have been compromised and injected with code that redirects users to sites hosting the Fiesta exploit kit, Cyphort researchers have found. These …
Large malvertising campaign linked to potentially compromised Google ad reseller
Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab. The first redirection has been …
WordPress sites compromised to redirect to Pirate Bay clone, exploit kit
Malwarebytes researchers have spotted another malware delivery campaign that uses compromised WordPress sites to redirect users to a page hosting an exploit kit. The total …
Xtube visitors redirected to exploit kit landing page
Popular adult site Xtube has been compromised to redirect visitors to sites hosting an exploit kit. “Unlike other attacks we have seen in recent times, this one does not …
Multifunctional Vawtrak malware now updated via favicons
The Vawtrak (aka Snifula) multifunctional malware has been around since mid-2013. Its information-stealing, backdoor and spying capabilities deservedly earned it the …
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Exploit kits in 2015: What can we expect?
Since 2006, when the earliest exploit kit (WebAttacker) was made available in the crimeware market, these hack toolkits have become one of the preferred ways for cybercrooks …
Angler exploit kit and domain shadowing: A deadly combination
Attackers wielding the infamous Angler exploit kit are increasingly using hijacked registrant accounts to create huge amounts of subdomains for both redirecting victims and …
Compromised cPanel “Account Suspended” pages redirect to exploit kit
All Internet users have, at least once in their lives, seen the following “Account Suspended” page: That’s because it’s part and parcel of cPanel, one …
Researchers create automated signature compiler for exploit detection
A trio of researchers from Microsoft and University of Erlangen-Nuremberg have created Kizzle, a compiler for generating signatures for detecting exploit kits delivering …
Pwn2Own 2015: New rules, prizes, and potential problems
If you intend to participate in the Pwn2Own competition at the CanSecWest 2015 conference on March 18 and 19 in Vancouver, Canada, you would do well to consult with a legal …
Google Play flaw opens Android devices to silent malware installation
Android users are in danger of getting malicious apps silently installed on their devices by attackers, warns Rapid7’s Tod Beardsley, technical lead for the Metasploit …
Featured news
Sponsored
Don't miss
- Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)
- Is an open-source AI vulnerability next?
- OWASP dep-scan: Open-source security and risk audit tool
- Ebury botnet compromises 400,000+ Linux servers