Tuesday 11th December 2018

Latest security news

New email scam targets WordPress users’ database credentials

about 97 days ago - Security

Security

A new email phishing scam is being sent to WordPress users encouraging them share their database credentials with attackers. The scam emails are allegedly being sent using a mailing script on a compromised website.

A new email phishing scam is being sent to WordPress users encouraging them share their database credentials with attackers. The scam emails are allegedly being sent using a mailing script on a compromised website.

Thousands of WordPress websites infected by new malware that maliciously redirects unsuspecting visitors

about 97 days ago - Security

Security

According to security firm Sucuri, the alleged "main contributors" to the spread of the infection are the tagDiv Newspaper theme and the Ultimate Member Plugin. Conservative estimates suggest the malware has infected at least 2,200 websites.

According to security firm Sucuri, the alleged "main contributors" to the spread of the infection are the tagDiv Newspaper theme and the Ultimate Member Plugin. Conservative estimates suggest the malware has infected at least 2,200 websites.

10,000 WordPress websites hacked and leveraged to ‘manipulate the entire online advertising supply chain’

about 97 days ago - Security

Security

The infection chain comprises a complex network of online publishers, ad resellers, ad networks and malware distributors. The initial hack exploits an alleged vulnerability in Wordpress version 4.7.1.

The infection chain comprises a complex network of online publishers, ad resellers, ad networks and malware distributors. The initial hack exploits an alleged vulnerability in Wordpress version 4.7.1.

European web host announces data breach comprising passwords, bank accounts and credit scores

about 97 days ago - Security

Security

DomainFactory, a subsidiary of Host Europe Group, claims its customers' personal data was accessible to 'outside parties' as of 29th January 2018. Some sources claim the attack originated from a DomainFactory customer.

DomainFactory, a subsidiary of Host Europe Group, claims its customers' personal data was accessible to 'outside parties' as of 29th January 2018. Some sources claim the attack originated from a DomainFactory customer.

Two British political parties have announced suspected data breaches

about 97 days ago - Security

Security

The suspected data breaches are believed to have affected members of the Welsh Conservatives and the Liberal Democrats. In both instances it's unclear how many users have been affected.

The suspected data breaches are believed to have affected members of the Welsh Conservatives and the Liberal Democrats. In both instances it's unclear how many users have been affected.

Healthcare platform announces data breach, declares ‘patient feedback entries’ may have been ‘improperly accessed’

about 97 days ago - Security

Security

HealthEngine, a doctor appointment booking service, has announced 59,600 "patient feedback entries" may have been "improperly accessed." The announcement comes one week after the platform was accused of passing patients' personal information to a personal injury law firm.

HealthEngine, a doctor appointment booking service, has announced 59,600 "patient feedback entries" may have been "improperly accessed." The announcement comes one week after the platform was accused of passing patients' personal information to a personal injury law firm.

An ‘unknown third party’ has accessed the backup files of data collection firm Typeform

about 97 days ago - Security

Security

The data collection firm identified the breach on 27th June and patched the vulnerability 30 minutes later. The data accessed by the attacker from Typeform's backup file was collected before 3rd May.

The data collection firm identified the breach on 27th June and patched the vulnerability 30 minutes later. The data accessed by the attacker from Typeform's backup file was collected before 3rd May.

Inbenta Technologies blames Ticketmaster for data breach

about 97 days ago - Security

Security

Inbenta's CEO claims the source of the problem was a single piece of JavaScript code that was modified by attackers. He also claims Ticketmaster placed the code on its payment pages without consulting Inbenta.

Inbenta's CEO claims the source of the problem was a single piece of JavaScript code that was modified by attackers. He also claims Ticketmaster placed the code on its payment pages without consulting Inbenta.

New malware infects WordPress websites and redirects traffic to pages comprising affiliate links

about 97 days ago - Security

Security

The malware identifies and deletes competing malware to ensure the host installation remains functional and the administrator oblivious. It also includes file upload functionality and the ability to update itself.

The malware identifies and deletes competing malware to ensure the host installation remains functional and the administrator oblivious. It also includes file upload functionality and the ability to update itself.

A ‘bug’ in a popular WordPress SEO plugin may have caused Google ranking dips

about 97 days ago - Security

Security

A 'bug' in the popular Yoast SEO plugin has deselected a setting that redirects attachment URLs to image location URLs. As a consequence, Google is indexing 5x as many URLs from some Wordpress installations.

A 'bug' in the popular Yoast SEO plugin has deselected a setting that redirects attachment URLs to image location URLs. As a consequence, Google is indexing 5x as many URLs from some Wordpress installations.

ICO fines University of Greenwich £120,000 for data breach

about 97 days ago - Security

Security

The fine was issued over a microsite developed in 2004. The ICO states data on as many as 19,500 staff and students was accessed and some of the data was highly sensitive in nature.

The fine was issued over a microsite developed in 2004. The ICO states data on as many as 19,500 staff and students was accessed and some of the data was highly sensitive in nature.