February 2, Softpedia – (International) Compromised WordPress sites hijacked over and over again to push malware. Security researchers from Sucuri discovered a new campaign that targets WordPress websites after finding that all of the sites’ JavaScript files were infected with malicious codes to load an iframe, show advertisements, and leave an unknown backdoor on each web page with the intention to reinfect websites once the pages were cleaned. Researchers reported that if victims hosted several domains on the same hosting account, all of the domains will be affected via cross-site contamination. Source
February 2, Softpedia – (International) Deja-Vu: Google fixes another RCE vulnerability in the Mediaserver component. Google released patches for its Android mobile operating system (OS) fixing 13 flaws including 3 elevation of privilege issues in the Qualcomm Wi-Fi driver, and 2 remote code execution (RCE) vulnerabilities in its Mediaserver component that allowed an attacker to craft a malicious multimedia file and cause a memory corruption in the phone’s OS, among other exploits. Source
February 1, Softpedia – (International) Joomla zero-day accounted for the majority of web attacks in Q4 2015. The Solutionary Security Engineering Research Team (SERT) released a report titled, “Sert Quarterly Threat Report Q4 2015” which stated that malware attacks had increased during the past quarter, with virus and worm numbers increasing by 236 percent compared to Quarter 3 (Q3) and that ransomware attacks were growing within the U.S., accounting for 78 percent of all malware delivered during Quarter 4 (Q4). In addition, the report stated most violations were web applications that targeted flaws in web-based software and leveraged the Joomla zero-day vulnerability in Q4, among other information. Source
February 1, The Register – (International) WirelessHART industrial control kit is riddled with security holes. Security researchers from Applied Risk discovered several flaws in various WirelessHART products that could enable attackers to manipulate instruments and compromise process data integrity due to its low security protocol within its implementation layer, allowing hackers to extract the encryption key. Source