Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites

The campaign’s goals aren’t immediately clear, as the malefactors don’t appear to be leveraging the hijacked websites for further nefarious purposes. Attackers have been exploiting a security weakness in a GDPR compliance plugin for WordPress to seize control of vulnerable websites, according to a blog post by Defiant, which makes Wordfence security plugins for the web … More Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites

Abandoning a domain name can come back to bite you, research shows

A domain name once left behind can catch up with you – by giving fraudsters access to a treasure trove of sensitive information. Cybercriminals can use an abandoned domain name to obtain all manner of private information belonging to the company that formerly owned the domain, as well as to its clients and employees, a researcher … More Abandoning a domain name can come back to bite you, research shows

Majority of the world’s top million websites use HTTPS

The adoption of the protocol’s secure variant has continued its growth spurt in recent months, crossing the 50-percent milestone for the first time ever. More than one-half (51.8 percent) of the one million most visited websites worldwide now actively redirect to HTTPS, the secure version of the HTTP protocol over which data between a device … More Majority of the world’s top million websites use HTTPS

World’s biggest DDoS marketplace taken down, six suspected admins nabbed

For as little as $15 per month, anyone with a criminal bent could rent the services of webstresser.org to take down a targeted site. An international law enforcement operation has shut down a website widely thought to be the world’s biggest marketplace for hiring distributed denial-of-service (DDoS) attacks, according to an announcement by the United Kingdom’s National … More World’s biggest DDoS marketplace taken down, six suspected admins nabbed

All HTTP websites to soon be marked as “not secure” by Google Chrome

If you’re still running a website that is still using insecure HTTP then it’s time to wake up and drink the coffee. Because unless you take action soon, you’re going to find many of your visitors are going to distrust your website. The reason? Google is pushing ahead with its plan for the Chrome browser … More All HTTP websites to soon be marked as “not secure” by Google Chrome

ESET works with Google to halt dangerous malware

ESET launched Chrome Cleanup, a new scanner and cleaner for Google Chrome designed to help users browse the web safely and without interruption.  Chrome Cleanup will be available for all Google Chrome users running on Windows. As cyber-attacks become more complex and difficult to spot, browsing the web can lead users to dangerous sites which … More ESET works with Google to halt dangerous malware

Homograph attacks: Don’t believe everything you see

Just as attackers are finding new, increasingly sophisticated ways to try and evade the detection techniques used by antiviruses, they are also improving their methods designed to trick the user or at least evade the main techniques that tend to be taught in standard IT security training. Despite this, we can always take another step forward to strengthen … More Homograph attacks: Don’t believe everything you see