A week in security (October 28 – November 3)
A roundup of the latest cybersecurity news for the week of October 28 – November 3, including cyberattacks against SMBs, the Internet’s 50th birthday, stalkerware, donation scams, and more.
Mass WordPress compromises redirect to tech support scams
Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.
How to secure your content management system
Popular content management systems are easy to install and use. But how easy is it to keep them secure?
Red Hen website suffers SEO spam compromise
A website belonging to an eatery currently making waves in the news has been compromised with SEO spam. We take a look at what’s happened, and explain what the hackers are up to.
‘FakeUpdates’ campaign leverages multiple website platforms
Browser update? Do not trust, and do verify before downloading potential malware.
Just For Men website serves malware
The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit.
Gate To Nuclear EK Uses Fake CloudFlare DDoS Check
This rogue CloudFlare page hides a malicious payload.
Nuclear EK Leveraged In Large WordPress Compromise Campaign
A new wave of compromised sites pushes Nuclear exploit kit.
Reader’s Digest and other WordPress Sites Compromised, Push Angler EK
Reader’s Digest is among the latest compromised sites pushing Angler EK.
New Website Ransomware Variant Demands $999
Website owners are targeted with ransomware, this one asking for $999.
