BabaYaga: The WordPress malware that eats other malware

Recently, Defiant’s analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect. Dubbed “BabaYaga” by Defiant’s team, this infection is notable for containing code capable of removing its competition. BabaYaga actually has the ability to remove other malware. While this

4.8 million affected by Chrome Extension attacks targeting site owners

During the past 3 months, eight Chrome browser extensions were compromised and the attacker used them to steal Cloudflare credentials and serve up malicious ads. This post discusses exactly what happened, how to protect yourself and what the wider implications are of this supply chain attack. How the Chrome Extensions Were Compromised In June, July and

Tagged under:

Imminent: Non-HTTPS sites labeled “Not Secure” by Chrome

On approximately January 31st of this month, version 56 of the Chrome web browser will be released. There is a significant change in the way it displays websites that are not using HTTPS, also known as SSL. This change may confuse your site visitors or surprise you if you are not expecting it. Starting with the

Tagged under:

Android malware that can infiltrate corporate networks is spreading

DressCode has been found circulating in at least 3,000 Trojanized apps An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks. DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said. DressCode hides

Tagged under: ,

Attackers deploy rogue proxies on computers to hijack HTTPS traffic

Security researchers have highlighted in recent months how the web proxy configuration in browsers and operating systems can be abused to steal sensitive user data. It seems that attackers are catching on. A new attack spotted and analyzed by malware researchers from Microsoft uses Word documents with malicious code that doesn’t install traditional malware, but instead

Cisco to address Cyber Security Risks Inhibiting Digital Ambitions at GISEC 2016

Cisco announced its participation in the Gulf Information Security Expo & Conference (GISEC 2016), which will take place under the collective banner of Future Technology Week, to be held at Dubai World Trade Centre from March 29-31, 2016. As a high level sponsor, Cisco will showcase its strategy of ‘Threat–centric Security’, which includes threat detection,

Tagged under: