Security Alerts & News
by Tymoteusz A. Góral

History
#885 WordPress patches 0-day in WP Mobile Detector plugin
A WordPress plugin was patched Thursday night, close to a week after reports began to surface of public attacks against a zero-day vulnerability.

WP Mobile Detector was pulled from the WordPress Plugin Directory once the attacks went public. It was restored last night and users are urged to update to version 3.7 immediately. The plugin detects if a visitor to a WordPress site is using a smartphone and delivers a compatible theme.

Researchers at Sucuri said yesterday that attacks against WordPress sites running the plugin started on May 27. The zero-day was disclosed on Tuesday by Plugin Vulnerabilities, a WordPress security site. The flaw allows an attacker to upload arbitrary files.
Read more
#887 Updated CryptXXX ransomware big money potential
#886 NTP patches flaws that enable DDoS
#885 WordPress patches 0-day in WP Mobile Detector plugin
#884 Does your website suck on mobile? Find out using Google's free new tool
#883 Ransomware as a service, inside an organized Russian ransomware campaign (PDF)
#882 FastPOS: Quick and easy credit card theft
#881 Marcher mobile bot adds UK targets, steps up banking fraud capabilities
#880 IRONGATE ICS malware: Nothing to see here... masking malicious activity on SCADA systems
#879 Stop Facebook tracking you across the web, change these settings
#878 Facebook’s new DeepText AI understands almost everything we write
#877 Hacked TeamViewer users 'careless' in personal security
#876 FireEye: Organisations should stop playing malware whack-a-mole
#875 ​Former cyber defence head: Ethics should be at the core of cybersecurity
#874 Dropbox smeared in week of megabreaches
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12