In a massive malicious SEO campaign, cybercriminals are promoting low-quality Q&A sites by redirecting visitors to fake discussion forums. As a result, almost 15,000 sites have been compromised. In September 2022, researchers at Sucuri discovered the attacks. Each compromised site was found to contain approximately 20,000 files that were utilized in the search engine campaign. Researchers believe that the goal …
Lenovo Patches Critical Security Flaws
Lenovo reports that it has patched two critical security flaws that affected several of its ThinkBook, IdeaPad, and Yoga laptops. Lenovo is also recommending that consumers update their systems immediately. The flaws make it possible for cybercriminals to deactivate the UEFI Secure Boot tool, allowing them to load and run malicious scripts during the system boot process (before the OS …
Hundreds of U.S. News Outlets Affected by Malware
A cyber-security threat actor known as SocGholish has compromised a JavaScript code used by an unnamed media content provider. The malware is being used to spread the FakeUpdates malware to major media outlets across the United States. More than 250 regional and national newspaper sites are affected by the malicious JavaScript. Some impacted media organizations include the cities of Boston, …
New Microsoft Report Details Latest Cybersecurity Threats
According to Microsoft’s latest announcement, businesses should assess security measures to defend against evolving cyber-security threats. Microsoft released its Digital Defense Report (MDDR) for 2022. Microsoft released alarming statistics about the cyber threats that the company has faced in the last year, including phishing, identity theft, and ransomware attacks. Microsoft Security Update Alerts Tom Burt is Microsoft’s Corporate Vice President …
Ducktail Malware Returns With New PHP Variant
An advanced PHP variant of the Ducktail malware poses a risk to Facebook users. On October 13th, 2022, ZScaler, a cloud security firm, published a blog post detailing this latest discovery. The new PHP version is being distributed by “pretending to be a free/cracked program installer.” It also targets numerous platforms, such as Telegram and Microsoft Office applications. This revised …
Akamai Finds 13 Million Malicious Domains Each Month
According to a new Akamai analysis, the company’s experts classified about 79 million domains as dangerous in the first half of 2022; based on a NOD (newly observed domain) dataset, this is about 13 million malicious domains per month, representing 20.1% of all the successfully resolved NODs. According to Akamai, a NOD is any domain queried for the first time …
Three Growing Dark Web Dangers Businesses Face Right Now
Should you still be worried about the dark web? The short answer is yes. The dark web is active and thriving today. It’s actually busier than ever and still growing thanks in part to the rise of the gig economy. How Significant is the Dark Web These Days? The dark web is the world’s third-largest economy, and unlike the economy …
Updated Malware Attacks Point of Sale Devices
This year, security experts have found three updated versions of Prilex malware that target point-of-sale systems. In 2014, Prilex was a type of malware that targeted ATMs. It switched to PoS (point of sale) devices in 2016, but it wasn’t until 2020 that the malware reached its peak. After that, it faded away in 2021. Analysts at Kaspersky say that …
Modern Security Solutions For Evolving Ransomware Attacks
Based on a recent survey conducted by the folks at Titaniam, a solid majority of organizations have robust security tools in place. Yet nearly 40 percent of them have fallen victim to a ransomware attack in the past year. How can this be? With conventional tools in place, how can this still be happening? The answer to that question is …
DuckDuckGo Email Privacy Service Beta Released
DuckDuckGo has a reputation for protecting the privacy of its users far more than most other companies. Last year, the tiny search engine announced that they were experimenting with a free service designed to dodge email trackers as a means of further protecting the privacy of its users. The company’s Email Protection service works by stripping email trackers from messages. …