U.S. Government Issues Urgent Warning of DNS Attacks

by Prof. Dr. Athir Muharib Al-Suhairi | د. أثير محارب السهيريCloud Security, DNS, Web SecurityPosted on Comments are Disabled

An emergency directive from the Department of Homeland Security provides “required actions” for U.S. government agencies to prevent widespread DNS hijacking attacks. The Department of Homeland Security is ordering all federal agencies to urgently audit Domain Name System (DNS) security for their domains in the next 10 business days. The department’s rare “emergency directive,” issued …

Read more “U.S. Government Issues Urgent Warning of DNS Attacks”

Cryptomining Malware Uninstalls Cloud Security Products

by Prof. Dr. Athir Muharib Al-Suhairi | د. أثير محارب السهيريCloud Security, MalwarePosted on Comments are Disabled

New samples of cryptomining malware performs a never-before-seen function: uninstalling cloud security products. Researchers say they have discovered a unique malware family capable of gaining admin rights on targeted systems by uninstalling cloud-security products. Instances of the malicious activity are tied to coin-mining malware targeting Linux servers. Palo Alto Networks’ Unit 42, which published the report …

Read more “Cryptomining Malware Uninstalls Cloud Security Products”

WORDPRESS DELIVERS SECOND PATCH FOR SQL INJECTION BUG

by Prof. Dr. Athir Muharib Al-Suhairi | د. أثير محارب السهيريCloud SecurityPosted on Comments are Disabled

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to takeover. WordPress released WordPress 4.8.3 Tuesday, which mitigates the vulnerability. “This is a security release for all previous versions and we strongly encourage you to update your …

Read more “WORDPRESS DELIVERS SECOND PATCH FOR SQL INJECTION BUG”

CRYPTOCURRENCY MINING MALWARE HOSTED IN AMAZON S3 BUCKET

by Prof. Dr. Athir Muharib Al-Suhairi | د. أثير محارب السهيريCloud SecurityPosted on Comments are Disabled

As Bitcoin’s price continues to soar beyond $4,000 USD per, cybercriminals are responding in kind by using techniques long reserved for adware, click-fraud and spying to now drop cryptocurrency miners onto compromised computers. The latest incident comes from a rash of drive-by downloads that are being used to install coin-mining malware called Zminer, according to …

Read more “CRYPTOCURRENCY MINING MALWARE HOSTED IN AMAZON S3 BUCKET”