This blog post lists different kinds of attacks against WordPress, by way of payload examples we observed in the wild, and how attacks have used hacked admin access and API, Alfa-Shell deployment, and SEO poisoning to take advantage of vulnerable sites.Read More
An API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community allows attackers to infiltrate containers and run a variant of AESDDoS.Read More
Cybercriminals targeting gamers are nothing new. We’ve reported many similar incidents in the past, from fake game apps to real-money laundering through online game currencies. Usually the aim is simple: to steal personal information and monetize it. And usually, for that purpose the game itself is abused.
In the particular scenario we are describing in this blog post, however, it is not the game that is being abused by the cybercriminals, but rather one of the communication tools used by the game players. We’re referring to Discord, a new-generation chat platform that gamers frequently use, with a user base of more than 45 million registered members.Read More
Imagine a well-experienced security analyst at a major company going through his normal routine of checking logs at the end of the workday. A quick look at the company’s security solution logs reveal nothing too peculiar or alarming — except for one thing: a higher than normal amount of traffic to the office’s newly introduced third-party chat platform.
He doesn’t give this much thought. After all, the company’s been pushing to have the chat platform as the main office communication tool, so it makes sense that there’d be more traffic than usual. The security analyst calls it a day and goes home.
One the way home, however, he gets an alert: The security scanner has detected a potential security issue. He returns to the office, and finds what appears to be the cause: A machine was flagged downloading known malicious files, which were then caught by the company’s security solution. Again, nothing too strange, but he decides to investigate just what triggered the malicious behavior.Read More