Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On October 13, 2015

October 9, Help Net Security – (International) Attackers compromise Cisco Web VPNs to steal login credentials, backdoor target networks. Security researchers from Volexity discovered that attackers are continuing to leverage unpatched vulnerabilities or find ways to gain administrator access to networks via Cisco Clientless secure sockets layer (SSL) virtual private network (VPN) portals, harvesting employee credentials by injecting malicious JavaScript code into the VPN login pages. The attackers are reportedly targeting academic institutions, medical facilities, electronics and manufacturing businesses, and government organizations.

October 9, Softpedia – (International) WordPress XML-RPC service used to amplify brute-force attacks. Security researchers from Sucuri discovered a variation of brute-force attacks that uses WordPress’ built-in extensible markup language remote procedure call (XML-RPC) feature to amplify attacks by bundling together hundreds and thousands of administrative username and password combinations. Researchers recommend deleting the plugin if it is not being used.

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and managing large-scale technology projects.