November 3, Softpedia – (International) Spam botnet leverages vulnerable WordPress sites. After receiving a suspicious PHP script for analysis, researchers from the Akamai Security Intelligence Research Team (SIRT) discovered a new spam botnet in the wild, dubbed Torte, that infects machines via Executable and Linkable Format (ELF) Linux binaries and Hypertext Preprocessor (PHP) scripts placed on the targeted server’s filesystem. The botnet is one of the largest in recent years and accounts for 83,000 infections across 2 of 4 infection layers.
November 3, Securityweek – (International) XcodeGhost malware updated to target iOS 9. FireEye researchers discovered that XcodeGhost, malware designed to target Apple’s mobile operating system (iOS) and graphical interface operating system (OS X), is still active and has evolved to support Xcode 7 and iOS 9, allowing attackers to perform various actions, including collecting information from infected devices and opening arbitrary websites. The malware has primarily targeted China, Germany, and the U.S.
November 3, Securityweek – (International) Malware served via anti-adblocking service PageFair. The anti-adblocking solutions provider PageFair reported that hackers breached its systems after gaining access to a key email account via a spear phishing attack. That access allowed the attackers to hijack the company’s MaxCDN content delivery network account and change its settings to replace the legitimate analytics JavaScript tag with malware disguised as an Adobe Flash Player update. PageFair reported that just 2.3 percent of the affected websites’ visitors were at risk of infection before it neutralized the attack.
November 3, The Register – (International) Password reset invoked after vBulletin.com forum software site defaced. The official website of vBulletin.com was compromised October 30 by a hacker using the handle “Coldzer0”, who exploited a zero-day vulnerability in its systems to hack its website and other websites powered by the company. User data including user names, email addresses, security questions and answers, and password salts were exposed, and as a precaution, vBulletin reset all account passwords.