Shane Chambers No Comments

WordPress Sites Seeing Increased Cyber Attacks Thanks to Plugin Vulnerability

The team behind Wordfence, a popular security plugin for WordPress, have reported seeing a large increase in cyber attacks aimed at WordPress-based websites over the last few weeks. This is believed to be due to a vulnerability in another WordPress plugin, File Manager, which has over 700,000 active installations. While the vulnerability only affects those running certain versions of the File Manager plugin, Wordfence reports that cyber attacks are up across the board, as cyber criminals cast a wide net with their attacks.

An estimated 455 million websites run on WordPress, accounting for more than 30% of sites worldwide.

WordPress is an immensely popular platform that allows users to create websites easily, often with little to no coding skills, and add functionality via plugins. WordPress has been around since 2003, and while it initially gained traction as a blogging platform, it has since gained a much larger audience.

Plugins are the bread and butter of WordPress, allowing users to add advanced functionality without writing complex code from scratch or paying a developer. However, like all software, plugins must be updated regularly to protect against vulnerabilities and prevent devastating zero-day attacks.

WordPress site owners who are using versions 6.0 to 6.8 of the File Manager plugin are advised to update the plugin immediately, as the recently-discovered vulnerability allows unauthorised parties (see: cyber criminals) to upload potentially malicious files or execute commands on their target site, with the potential to cause catastrophic damage.

Wordfence, whose security plugin protects WordPress sites against malicious traffic, has said that although the overall percentage of sites running the vulnerable versions of File Manager is low, they have seen a huge increase in bots attacks to check for weaknesses.

“Attacks against this vulnerability have risen dramatically over the last few days. Wordfence has recorded attacks against over one million sites today, September 4, 2020. Sites not using this plugin are still being probed by bots looking to identify and exploit vulnerable versions of the File Manager plugin, and we have recorded attacks against 1.7 million sites since the vulnerability was first exploited,” according to Wordfence’s Ram Gall.

“Although Wordfence protects well over three million WordPress sites, this is still only a portion of the WordPress ecosystem. As such, the true scale of these attacks is larger than what we were able to record.”

Incidences such as these where criminals jump up en-masse to take advantage of a vulnerability in a broadly-used plugin highlights how important it is to ensure your WordPress site is as up-to-date as possible. Plugins which are no longer in use should ideally be disabled to reduce a website’s risk.

The latest version (6.9) of the File Manager plugin mitigates this vulnerability and WordPress site owners are strongly advised to update to it as soon as possible.

Shane Chambers No Comments

Users Warned of Major New Phishing Campaign, Using Infected Excel Files

Microsoft has released a statement warning users to stay vigilant of phishing emails, as a malicious campaign has been detected which tricks users into downloading an Excel sheet containing harmful software. The criminals responsible are taking advantage of the confusion around Covid-19, as many others have been doing lately, to convince users that the emails are genuine and to enable macros within Excel once the file has been downloaded to their computer.

Users should be extremely wary of attachments they are not expecting, as many common file types can be injected with malware.
Read more
Shane Chambers No Comments

Three Major Antivirus Companies Breached by Russian Hackers

In the latest major security breach to rock the business world, three major US-based antivirus companies have been hit by Russian hacker group Fxmsp. Fxmsp, who are well known in the cyber security community for previous high-profile breaches, began advertising the spoils of their latest venture on the dark web for upwards of $300,000, while providing strong evidence of their claims.

Fxmsp is known for selling access to large, global corporate networks on the dark web.
Read more
Shane Chambers No Comments

DHL Phishing Campaign Found to Contain New Strain of Malware

Every year, the number of phishing scams seems to be increasing, with the malware-ridden emails getting continually more sophisticated and convincing. The latest global phishing campaign purporting to be from international courier giants DHL has been tricking users into opening a fake PDF attachment – and subsequently unleashed a previously unseen piece of malware to wreak havoc on their PCs.

Read more
Shane Chambers No Comments

Irish Businesses and Consumers Targeted by Extortion Email Scam

It’s 2018, and phishing emails are just an expected part of life for email users around the world, containing all manner of malware within concealed links and dodgy attachments. Most of us can recognise poorly spelled phishing emails that lack any real context, but what happens when something more complex hits your inbox? What if a cyber criminal emailed you your password – a real password you’ve used – and told you that they had compromising videos of you and more? What if they said that unless you pay a Bitcoin ransom, they would share this incriminating footage with everyone on your contacts list? That’s exactly what has been happening to thousands of Irish users, to both personal and corporate email addresses.

Cyber criminals are ever trying to find newer, more sophisticated means to scam the general public and businesses through phishing

Read more