Fake WordPress Plugin Comes with Cryptocurrency Mining Function

Posted by & filed under Security Alerts.

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency. Researchers at website security company Sucuri noticed the number of malicious plugins increase over the past months. The components are clones of legitimate software, altered for nefarious purposes. Normally, these fake plugins… Read more »

Attackers Hide Backdoors and Cryptominers in WAV Audio Files

Posted by & filed under Security Alerts.

Attackers behind a new malicious campaign are using WAV audio files to hide and drop backdoors and Monero cryptominers on their targets’ systems as BlackBerry Cylance threat researchers discovered. While various other malware peddlers were previously observed injecting payloads in JPEG or PNG image files [1, 2, 3] with the help of steganography, a well-known technique used to evade anti-malware detection, this… Read more »

Adobe Fixes 45 Critical Vulnerabilities in Acrobat and Reader

Posted by & filed under Security Alerts.

Adobe has released security updates to resolve vulnerabilities that could allow attackers to gain unauthorized access, execute commands on vulnerable computers, or elevate their privileges. Of particular concern are the 45 Critical vulnerabilities found in Adobe Acrobat and Reader. As both programs are widely used, and these vulnerabilities could allow attackers to execute code on… Read more »