Malicious SEO Campaign Affects Thousands of Sites

In a massive malicious SEO campaign, cybercriminals are promoting low-quality Q&A sites by redirecting visitors to fake discussion forums. As a result, almost 15,000 sites have been compromised. In September 2022, researchers at Sucuri discovered the attacks. Each compromised site was found to contain approximately 20,000 files that were utilized in the search engine campaign. Researchers believe that the goal …

Lenovo Patches Critical Security Flaws

Lenovo reports that it has patched two critical security flaws that affected several of its ThinkBook, IdeaPad, and Yoga laptops. Lenovo is also recommending that consumers update their systems immediately. The flaws make it possible for cybercriminals to deactivate the UEFI Secure Boot tool, allowing them to load and run malicious scripts during the system boot process (before the OS …

Hundreds of U.S. News Outlets Affected by Malware

A cyber-security threat actor known as SocGholish has compromised a JavaScript code used by an unnamed media content provider. The malware is being used to spread the FakeUpdates malware to major media outlets across the United States. More than 250 regional and national newspaper sites are affected by the malicious JavaScript. Some impacted media organizations include the cities of Boston, …

New Microsoft Report Details Latest Cybersecurity Threats

According to Microsoft’s latest announcement, businesses should assess security measures to defend against evolving cyber-security threats. Microsoft released its Digital Defense Report (MDDR) for 2022. Microsoft released alarming statistics about the cyber threats that the company has faced in the last year, including phishing, identity theft, and ransomware attacks. Microsoft Security Update Alerts Tom Burt is Microsoft’s Corporate Vice President …

Ducktail Malware Returns With New PHP Variant

An advanced PHP variant of the Ducktail malware poses a risk to Facebook users. On October 13th, 2022, ZScaler, a cloud security firm, published a blog post detailing this latest discovery. The new PHP version is being distributed by “pretending to be a free/cracked program installer.” It also targets numerous platforms, such as Telegram and Microsoft Office applications. This revised …

Akamai Finds 13 Million Malicious Domains Each Month

According to a new Akamai analysis, the company’s experts classified about 79 million domains as dangerous in the first half of 2022; based on a NOD (newly observed domain) dataset, this is about 13 million malicious domains per month, representing 20.1% of all the successfully resolved NODs. According to Akamai, a NOD is any domain queried for the first time …

Updated Malware Attacks Point of Sale Devices

This year, security experts have found three updated versions of Prilex malware that target point-of-sale systems. In 2014, Prilex was a type of malware that targeted ATMs. It switched to PoS (point of sale) devices in 2016, but it wasn’t until 2020 that the malware reached its peak. After that, it faded away in 2021. Analysts at Kaspersky say that …

Modern Security Solutions For Evolving Ransomware Attacks

Based on a recent survey conducted by the folks at Titaniam, a solid majority of organizations have robust security tools in place. Yet nearly 40 percent of them have fallen victim to a ransomware attack in the past year. How can this be?  With conventional tools in place, how can this still be happening? The answer to that question is …

DuckDuckGo Email Privacy Service Beta Released

DuckDuckGo has a reputation for protecting the privacy of its users far more than most other companies.  Last year, the tiny search engine announced that they were experimenting with a free service designed to dodge email trackers as a means of further protecting the privacy of its users. The company’s Email Protection service works by stripping email trackers from messages. …