November 19, 2017 arrunadayy 4 comments

This week we wrote two articles about three WordPress plugins and Microsoft Word Vulnerability. Microsoft Word Vulnerability was there for 17 years but no one was aware of this. Read and take action as now these vulnerability is now in public domain. The most important story of the week was the one about Apple’s Face…

November 17, 2017 arrunadayy No comments exist

Security investigators have discovered a new, sophisticated form of malware based on Zeus banking Trojan that steals more than just bank account details. Dubbed Terdot, the banking Trojan has been around since mid-2016 and was initially designed to operate as a proxy to conduct Man-In-The-Middle (MITM) attacks, steal browsing information such as stored credit card information and…

November 16, 2017 arrunadayy No comments exist

Security vulnerabilities have been discovered in three popular WordPress plugins: Duplicator, Formidable Forms and Yoast SEO. The details of the vulnerabilities are as follows: Duplicator 1.2.28 and older vulnerable to stored XSS WPVulnDB also reports that the Duplicator, running on over 1 million active sites, fixed a stored cross site scripting vulnerability affecting versions 1.2.28 and older. This report…

November 15, 2017 arrunadayy No comments exist

Researchers claim Microsoft Word vulnerability, patched today, has existed for 17 years. Microsoft today released 53 security patches for the month of November as part of its routine Spot Tuesday upgrade. Among the solutions addresses CVE-2017-11882, an imperfection that has actually existed, undetected, in Microsoft Word for the past 17 years. The solutions introduced today…

November 12, 2017 arrunadayy 1 comment

The most important story of the week was the one about a fake Whatsapp application found in Google Play store that tricked over a million of users into downloading it. Let’s find out what happened in cyber security industry this week in our weekly security roundup. Grab your coffee or tea and read the news!…

November 11, 2017 arrunadayy 1 comment

WordPress recently removed a plugin known as “Animated Weather Widget by weatherfor.us.” from plugin repository. It appears that the plugin was removed for including JavaScript code that would mine cryptocurrency using the CPU resources of site visitors. How It Worked: A WordPress site owner installs the “Animated Weather” plugin. The plugin loads an iframe. This…

November 10, 2017 arrunadayy 1 comment

A recently found strain of Locky ransomware has actually been uncovered masquerading as genuine Microsoft Word files. An additional advancement of Locky ransomware is spreading out with destructive add-ons camouflaged as genuine files from efficiency applications like Microsoft Word and also Libre Office. Avira Lab identified the ransomware previously today. This type of Locky has the…

November 6, 2017 arrunadayy No comments exist

This week we could not publish any article due to my bad health so now let’s see the major stories of the past days in our weekly round-up. As always, the cyber-security landscape brings new challenges, so read on and keep yourselves informed! 1.Unencrypted USB stick with 2.5GB of data detailing airport security found in…

October 31, 2017 arrunadayy No comments exist

WhatsApp has finally rolled out its most anticipated feature “Delete For Everyone” that allows its over one billion users revoke their messages in case they sent those to wrong person or a group. You can only delete messages for everyone for up to seven minutes after sending. “Once seven minutes have passed, there is no…

October 28, 2017 arrunadayy No comments exist

This week we published a major security alert, one that should not be overlooked: be careful about Bad Rabbit, a ransomware outbreak delivered through a fake Adobe Flash Update. It’s significantly more threatening than its predecessors like non-Petya or WannaCry, because it also saves the collected information. This malware spread like wildfire through major organizations in…