Tag Archives: WordPress

10Fold- Security Never Sleeps- 153

WikiLeaks posts CIA documents on ways to install malware

“Details CIA procedures to install malicious programs”

WikiLeaks took to the internet again on Friday to publish a new array of classified documents from the CIA. The new leak has outlined the Grasshopper framework, a malware installation system that provides weaponized code onto a computer without the security systems blocking it.

Sathurbot Malware Spreads via Torrent Files, Attacks WordPress Sites

“Attempts at remote takeover of sites”

ESET security researchers have revelaed a new malware strain dubbed ‘Sathurbot,’ which uses malicious torrent files ro spread to new vitims. It proceeds to carry out coordinated WordPress attacks, with the intention of the eventual commandeering of the site. The common outcome is a host for malware download centers or SEO spam filters.

McAfee: Trend indicates 2017 will be bumper year for new malware

“Current trends bolster expectations”

McAfee labs has shown that new malware is being pumped out at incredible rates, and if the past two years are any indication this won’t end any time soon. Malware innovation to a net hit last year, with a nine-month lull in identified new strains, but this dip seems to have tapered off with new creators releasing several new strains over the last few months.

 

10Fold- Security Never Sleeps- 138

Critical McAfee ePO Flaw Patched

“Vulnerability ideal for user reconnaissance”

Intel’s security division has fixed a critical breach in the McAfee ePolicy Orchestrator security management product. Before the patch, users were susceptible to spying of an organizational infrastructure.

How Google fought back against a crippling IoT-powered botnet and won

“Google security engineer gives a behind-the-scenes account”

A bigger picture of the IoT attack on Krebs was revealed by a Google Security engineer at the Enigma security conference last Wednesday. After requests for help from Google, the engineering team weighed the benefits and assisted the website with defensive measures from IoT botnet attacks.

WordPress: Why we didn’t tell you about a big zero-day we fixed last week

“Concerns for users cited”

WordPress intentionally withheld information over security issues, drawing criticism from some users.  Aaron Campbell, a WordPress core Maintainer, gave the following statement regarding the decision:
“It is our stance that security issues should always be disclosed. In this case, we intentionally delayed disclosing this issue by one week to ensure the safety of millions of additional WordPress sites.”

Enjoy your read? Check out our other content here.