WordPress Plugin Bug Opens 100K Websites to Compromise

Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace. A high-severity cross-site request forgery (CSRF) vulnerability in Real-Time Find and Replace, a WordPress plugin installed on more than 100,000 sites, could lead to cross-site scripting and the injection of malicious JavaScriptContinue reading “WordPress Plugin Bug Opens 100K Websites to Compromise”

Blaze’s Security Blog: Satan ransomware rebrands as 5ss5c ransomware

5ss5c ransomware, Satan ransomware, DBGer ransomware, 5ss5c, 5ss5c@mail.ru, 5ss5c_token, 5ss5c_CRYPT, 5SS5C Encoder — Read on bartblaze.blogspot.com/2020/01/satan-ransomware-rebrands-as-5ss5c.html

Artificial Personas and Public Discourse – Schneier on Security

Artificial Personas and Public Discourse – Schneier on Security — Read on http://www.schneier.com/blog/archives/2020/01/artificial_pers.html

CISA Releases Test Tool for Citrix ADC CVE-2019-19781 Vulnerability

DHS CISA released a public domain tool designed to help security staff to test if their organizations are vulnerable to ongoing attacks that might target the CVE-2019-19781 security flaw impacting the Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) products. — Read on http://www.bleepingcomputer.com/news/security/cisa-releases-test-tool-for-citrix-adc-cve-2019-19781-vulnerability/

Unencrypted Mobile Traffic on Tor Network Leaks PII | Threatpost

Researchers create digital dossiers of mobile users scraped from Tor network traffic. — Read on threatpost.com/unencrypted-mobile-traffic-tor-network-leaks-pii/149200/

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

Hackers Planted Secret RCE Backdoor in Popular Webmin Utility for Linux/Unix Servers — Read on thehackernews.com/2019/08/webmin-vulnerability-hacking.html

Who Owns Your Wireless Service? Crooks Do. — Krebs on Security

Who Owns Your Wireless Service? Crooks Do. — Krebs on Security — Read on krebsonsecurity.com/2019/08/who-owns-your-wireless-service-crooks-do/

Clever Amazon Phishing Scam Creates Login Prompts in PDF Docs

The goal of any phishing scam is to make you do something you shouldn’t do. Such is the case with a phishing campaign that utilizes PDF attachments that display login prompts that to many would look legitimate. — Read on http://www.bleepingcomputer.com/news/security/clever-amazon-phishing-scam-creates-login-prompts-in-pdf-docs/

Attorney General William Barr on Encryption Policy – Schneier on Security

Attorney General William Barr on Encryption Policy – Schneier on Security — Read on http://www.schneier.com/blog/archives/2019/07/attorney_genera_1.html

Quantum Scientists Have Built The First Silicon Two-Qubit Gate Between Atom Qubits

In a major step forward for atomic-scale quantum computing, scientists have built the first two-qubit gate between atoms in silicon, allowing qubits to communicate with each other and perform operations faster than ever before. — Read on http://www.sciencealert.com/quantum-scientists-have-built-the-first-silicon-two-qubit-gate-between-atom-qubits