BleepingComputer.com

"Critical Forminator plugin flaw impacts over 300k Wordpress sites."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 21 April 2024, 1354 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your articles.  To access today's and past posts, please check the "Archive" tab in the blog sidebar.

Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

Get work organized with $230 off Microsoft Project Professional 2021

  • Project management is increasingly a central job skill, and professional tools make it easier to perform. This Microsoft Project Professional 2021 instant download helps you make it happen for $19.97, $230 off the $249 MSRP, now through 11:59pm PST April 22nd.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 21, 2024
      •  
    • 08:19 AM
      •  
    • Comment Count 0
  • WordPress
     
    SECURITY

Critical Forminator plugin flaw impacts over 300k WordPress sites

  • The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.

  • GitHub
     
    SECURITY

GitHub comments abused to push malware via Microsoft repo URLs

  • A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.

  • Datacenter Network Switch
     
    DEALS

Preparing for IT exams? This library of study guides is now under $30

  • With this deal, you get lifetime access to the library of 10 study guides on desktop and mobile devices worth $259, but you can get them today for just $29.99.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 20, 2024
      •  
    • 08:09 AM
      •  
    • Comment Count 0
  • Bitcoin Lock
     
    SECURITY

The Week in Ransomware - April 19th 2024 - Attacks Ramp Up

  • While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void.

  • CrushFTP
     
    SECURITY

CrushFTP warns users to patch exploited zero-day “immediately”

  • CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately.

  • Hello Kitty Ransomware
     
    SECURITY

HelloKitty ransomware rebrands, releases CD Projekt and Cisco data

  • An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks..

  • MITRE
     
    SECURITY

MITRE says state hackers breached its network via Ivanti zero-days

  • The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.

  • United Nations Development Programme UNDP
     
    SECURITY

United Nations agency investigates ransomware attack, data theft

  • ​The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data.

  • Palo Alto
     
    SECURITY

22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks

  • Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.

  • Visio
     
    DEALS

Save $230 off Microsoft Visio Professional 2021 in this flash sale

  • Visualizing data pulls out the most important aspects of it. This instant download of Microsoft Visio 2021 Professional for Windows helps you do that for $19.97, $230 off the $249 MSRP in our flash sale only going on until 11:59pm PST April 22nd.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 19, 2024
      •  
    • 07:12 AM
      •  
    • Comment Count 0
  • Data theft data breach hacker cyberattack
     
    SECURITY

Fake cheat lures gamers into spreading infostealer malware

  • A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.

  • Frontier
     
    SECURITY

Frontier Communications shuts down systems after cyberattack

  • ​American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack.

  • Simone Veil
     
    SECURITY, HEALTHCARE

840-bed hospital in France postpones procedures after cyberattack

  • The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper.

  • Hackers cryptocurrency
     
    SECURITY

FBI: Akira ransomware raked in $42 million from 250+ victims

  • According to a joint advisory from the FBI, CISA, Europol's European Cybercrime Centre (EC3), and the Netherlands' National Cyber Security Centre (NCSC-NL), the Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments.

  • Security Cybersecurity
     
    DEALS

Get started in ethical hacking with $98 off this training bootcamp

  • Ethical hacking helps you go on the offensive against digital crooks. Learn how it works with these 11 white-hat hacking courses for $44.99, $98 off the $143 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 18, 2024
      •  
    • 02:11 PM
      •  
    • Comment Count 0
  • Whale
     
    SECURITY

Google ad impersonates Whales Market to push wallet drainer malware

  • A legitimate-looking Google Search advertisement for the crypto trading platform 'Whales Market' redirects visitors to a wallet-draining phishing site that steals all of your assets.

  • Microsoft Office
     
    MICROSOFT

Microsoft Office LTSC 2024 preview available for Windows, Mac

  • A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users.

  • Lastpass
     
    SECURITY

Cybercriminals pose as LastPass staff to hack password vaults

  • LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft.

  • Android
     
    DEALS

Add a 5G Android tablet to your gear with $130 off this TCL Tab 10

  • A good tablet is a crucial piece of your work gear, as a second screen, an entertainment center, and much more. This TCL 5G tablet provides power and space for $119.99, $130 off the $249 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • APRIL 18, 2024
      •  
    • 07:19 AM
      •  
    • Comment Count 0
VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

SecurityWeek Briefing.

Image
"Microsoft offers up to $15,000 in New AI Bug Bounty Program." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 October 2023, 2020 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxdZHmrfcBkMDJSSNTtHlmhQX ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Friday, October 13, 2023 CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Juniper Networks Patches Over 30 Vulnerabilities in Junos OS In Other News : Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Researcher Co
Read more

SecurityWeek Briefing.

Image
"Health Care Solutions giant disrupted by Cyberattack." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 October 2023, 2033 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGwHLhdlHbpbQJXqhLLSvQbhdnC ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Thursday, October 19, 2023 Healthcare Solutions Giant Disrupted by Cyberattack Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program CipherStash Raises $3 Million for Encryption-in-Use Technology US Government Releases Anti-Phishing Guidance Google Play Protect Gets Real-Time Code Scanning Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,00
Read more

Cyber War News Wire.

Image
 "Navy establishes cyber warfare enlisted rating." Views expressed in this cyber war, cybersecurity, cyber espionage update are those of the reporters and correspondents.  Accessed on 02 July 2023, 2311 UTC.  Content provided by EIN Presswire. Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtvsTbTPlbNrgzDpppFbtXwWxF ("Cyber War News Wire" from EIN Presswire). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). ·  Subscribe  ·  Unsubscribe My Alerts       Cyber War Newswire Got News to Share? Send 2 FREE Releases ↓ Daily update  ·  July 2, 2023     NEWS     Navy Establishes Cyber Warfare Enlisted Rating  Seapower Magazine ***** ARLINGTON, Va. — The U.S. Navy’s effort to expand its cyber warfare capabilities took another step with the establishment of the Cyber Warfare Technician (CWT) rating in its enlisted force.  The CTWs will conduct both offensive and defensive
Read more