threat

Malware & Threats

Issued by: Security Week

Specialized in Magento optimizations and Magento-WordPress integrations, FishPig offers various Magento extensions that have gathered over 200,000 downloads. On Tuesday, FishPig warned of an intrusion to its extension license system, which resulted in a threat actor injecting malicious PHP code into the Helper/License.php file. “This file is included in most FishPig extensions so it is…

Malware & Threats

Issued by: Dark Reading

The threat associated with nation-state-backed hacking groups has been well-researched and chronicled in recent times, but there’s another, equally dangerous set of adversaries that’s operated comparatively in the shadows for years. These are hack-for-hire groups that specialize in breaking into systems and stealing email and other data as a service. Their clients can be private…

Vulnerabilities

Issued by: Security Week

The developers of Spring, which is owned by VMware and said to be the world’s most popular Java application development framework, announced patches for three vulnerabilities last week. One of them is tracked as CVE-2022-22965, Spring4Shell and SpringShell, and it has been described as a critical remote code execution vulnerability in Spring Framework that can…

Software Security

Issued by: Help Net Security

Ciphertex Data Security is introducing its new SecureNAS CX-160KHD-X model, which holds a 320TB, and its new CX-Linux ZFS operating system. These products provide a new level of safety, security, and portability for vital healthcare information, which is increasingly under attack by hackers desiring to capture and sell this valuable data or to hold it…

Malware & Threats

Issued by: CSO

When COVID-19 hit and then started forcing massive enterprise changes in March, it caused a significant change in the enterprise threat landscape. That is even more troubling given that it all happened within a few days, which required the cutting of security corners for everything, especially the creation of remote sites. COVID also accelerated movement…

Vulnerabilities

Issued by: Help Net Security

Increasingly demanded by consumers, data privacy laws can create onerous burdens on even the most well-meaning businesses. California presents plenty of evidence to back up this statement, as more than half of organizations that do business in California still aren’t compliant with the California Consumer Privacy Act (CCPA), which went into effect earlier this year….

Network Security

Issued by: Dark Reading

Because of a few key elements, ransomware is a growing threat for all Internet-connected enterprises. First, the barrier to entry in terms of cost is very low for adversaries because ransomware is inexpensive to purchase on the Dark Web. Second, ransomware is often distributed via email, which is also inexpensive (if not free) and can…