A new FakeUpdates campaign targeting WordPress sites has been detected
20/03/2024Over the past few weeks, a new wave of the FakeUpdates malware, also known as SocGholish, has been detected, aimed at WordPress websites. The objective is to lure users into downloading remote access trojans, allowing attackers to take control of their systems. Since its emergence in 2017, FakeUpdates has been one of the most recurring malicious software in the cyber threat landscape. It has previously been associated with cybercriminal groups like Evil Corp, who monetize its use by selling access to infected systems. In this new campaign, cybercriminals are using JavaScript to target WordPress web pages, compromising compromised administrator accounts to introduce altered versions of WordPress plugins. These adulterated versions deceive users into downloading remote access trojans, granting attackers full control over infected devices. What is the most popular type of malware? In addition to the FakeUpdates attack, the threat index from Check Point Research, whose researchers have warned about this new attack, reveals around 200 suspicious content websites directed by ransomware groups. They utilize double extortion tactics to pressure victims into paying immediate ransoms. These attacks have impacted many companies, with the Lockbit3 ransomware being the most utilized by cybercriminals, followed by Play and 8base. The most exploited vulnerabilities by malicious actors include 'Web Servers Malicious URL Directory Traversal,' 'Command Injection Over HTTP,' and 'Zyxel ZyWALL Command Injection,' affecting numerous companies worldwide and allowing attackers to access and manipulate files or execute commands on compromised systems. In Spain, despite a 7% decrease in malware attacks in February, the most sought-after malware includes FakeUpdates, Qbot, and Pandora. In the case of FakeUpdates, it has affected 11.9% of companies in Spain. Mobile Malware In the realm of mobile devices, Anubis remains the most utilized malware in Spain, followed by AhMyth and Hiddad, all designed to compromise the security and privacy of Android device users by collecting confidential information and executing malicious actions.
[ ... ]
Cookies
A cookie is a file that is downloaded to your computer to access certain web pages. Cookies allow a website, among other things, to store and retrieve information about the browsing habits of a user or their equipment and, depending on the information they contain and how you use your computer, they can be used to recognize the user. However, this only means obtaining information related to the number of pages visited, the city assigned the IP address from which you accessed, the number of new users, frequency and recurrence of visits, time of visit, the browser or the operator or terminal type from which the visit takes place. In no event will data be obtained about the full name or address from which the user is connected. The cookies used on this website and the specific purpose of each one are: UTMA Cookie: We use this cookie to count how many times a unique user visits the site. UTMB Cookie: We use this cookie to calculate how long a user stays on a page. UTMZ Cookie: This cookie stores the visitor's origin, the path followed to access the web, either the direct access from a link on another website, from an email link using certain keywords in a search engine, through a display campaign, or through an AdWords ad. UTMC Cookie: The current JavaScript code that Google Analytics uses does not require this cookie. This cookie is used, along with the utmb cookie, to determine if after more than 30 minutes on the same page a new session should or should not be established for the user. This cookie is still written to ensure compatibility with the websites where you installed the old urchin.js tracking code. PHPSESSID Cookie: We use this cookie to identify the relevant user. You can allow, block or delete cookies installed on your computer by setting your browser options. You can find information about how, in relation to the most common browsers, on the links listed below: Explorer: http://windows.microsoft.com/es-es/windows7/how-to-manage-cookies-in-internet-explorer-9 Firefox: http://support.mozilla.org/es/products/firefox/cookies Chrome: http://support.google.com/chrome/bin/answer.py?hl=es&answer=95647 Safari: http://support.apple.com/kb/ph5042 Please note, however, that there is the possibility that disabling any cookie may prevent or hinder navigation or the provision of services offered on this website.
[ ... ]
New Microsoft update to solve VPN connectivity failures in Windows
24/01/2022Update for Windows is now available – KB5009543 for Windows 10 and KB5009566 for Windows 11 – and fixes connectivity issues experienced by some Virtual Private Network (VPN) tools after installing the latest patch. The update, explains Microsoft, eliminates these errors in their own VPN tool and in the ones of several external companies. The update also includes solutions for other failures related to the restart of Windows Server domain controllers and also, solutions for the bootable problems on virtual machines and with ReFS-formatted removable media. The new update is a 'Out-of-band' (OOB) type because it's not included in the usual Microsoft release schedule.
[ ... ]