SUNNYVALE, CA - FortiGuard Labs reports that they have discovered many .ZIP domains are responsible for phishing attacks on users by automatically downloading a malicious executable titled “file.exe” to their computers. Phishing attacks have been a thorn in the side of computer users for years due to the fact that they often are able to camouflage themselves as innocuous programs or prompts that seemingly pose no threat, but in reality can cause a great deal of … [Read more...]
Reported Twitter Data Breach Potentially Affects 5.4 Million Accounts
WEST PALM BEACH, FL – Stolen personal information from 5.4 million Twitter users has been discovered for sale on a hacker forum. With this information, including emails and phone numbers, cybercriminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft. Twitter is currently investigating claims that a near-seven-month-old vulnerability in its software has been exploited and the hacker is asking for $30,000 for the … [Read more...]
Critical Vulnerability Exposes over 700,000 Sites Using WP Divi, Extra, and Divi Builder
WEST PALM BEACH, FL - This morning, the Wordfence Threat Intelligence Team published details about a critical vulnerability discovered in two themes by Elegant Themes, Divi and Extra, as well as the Divi Builder plugin. Combined, these products are installed on an estimated 700,000 sites. Elegant Themes provides some of the most popular WordPress themes in the world and includes a visual page builder. We initially reached out to Elegant Themes on July 23, 2020 and, … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
WordPress Vulnerability for Sites Running WooCommerce with “Shop Manager” Role
NEW YORK, NY – If you're running a WordPress website and are utilizing the popular WooCommerce plugin, a shopping cart used by roughly four-million sites, there is a new vulnerability which requires that your WooCommerce plugin be up to date, or users marked as “Shop Managers” could hijack your site and virtually wipe out all data by compromising your administrator account. This new vulnerability was first reported to WordPress and WooCommerce in August when it was … [Read more...]
Drupal Content Management System’s ‘Highly Critical’ Vulnerability Warning
NEW YORK - If you're running the Drupal Content Management System on any of your websites its time to ensure you've updated its core as soon as possible. On March 28, 2018, an announcement from Drupal detailing a severe core vulnerability was released. The vulnerability allows an attacker to potentially compromise an entire site running most older and many newer versions of the CMS such as releases within versions 6, 7 and 8. There are a list upgrades and patches available … [Read more...]
Misfortune Anyone? This Dangerous Vulnerability Could Be Lurking In Your Network Router
NEW YORK, NY - Misfortune Anyone? Today, WordFence [I really love these people], a company whom distributes a popular security plugin for WordPress websites, released a great article about a vulnerability on computer networks that is being exploited. With the article they also included a simple button which you can use to scan your network's vulnerability, so that if you are vulnerable to this Internet router exploit, you will know about it ASAP and can begin hounding … [Read more...]