Tag Archive for: Sites

Hackers Exploit Bug In Magento To Access Payment Data On Ecommerce Sites

/in


(MENAFN– Investor Brand Network) A critical flaw in the open-source e-commerce platform Magento has allowed hackers to make backdoors into e-commerce websites and
steal payment data . Computer software company Adobe Inc. describes the error,
CVE-2024-2072 ,
as the“improper neutralization of special elements” that could allow attackers to make arbitrary code executions without any user interaction.

Adobe addressed the vulnerability on Feb. 13, 2024, as part of a batch of security updates while e-commerce security company Sansec announced that it…

Read More>>

NOTE TO INVESTORS:
The latest news and updates relating to NextPlat Corp. (NASDAQ: NXPL, NXPLW) are available in the company’s newsroom at

About BioMedWire

BioMedWire
(“BMW”) is a specialized communications platform with a focus on the latest developments in the Biotechnology (BioTech), Biomedical Sciences (BioMed) and Life Sciences sectors. It is one of 60+ brands within the
Dynamic Brand Portfolio
@
IBN
that delivers :
(1) access to a vast network of wire solutions via
InvestorWire
to efficiently and effectively reach a myriad of target markets, demographics and diverse industries ;
(2) article and
editorial syndication to 5,000+ outlets ;
(3) enhanced
press release enhancement
to ensure maximum impact ;
(4)
social media distribution
via IBN to millions of social media followers ;
and (5) a full array of tailored
corporate communications solutions . With broad reach and a seasoned team of contributing journalists and writers, BMW is uniquely positioned to best serve private and public companies that want to reach a wide audience of investors, influencers, consumers, journalists and the general public. By cutting through the overload of information in today’s market, BMW brings its clients unparalleled recognition and brand awareness.

BMW is where breaking news, insightful content and actionable information converge.

To receive SMS alerts from BioMedWire,“Biotech” to 888-902-4192 (U.S. Mobile Phones Only)

For more information, please visit

Please see full terms of use and disclaimers on the BioMedWire website applicable to all content provided by BMW, wherever…

Source…

Sign1 malware campaign already infected 39,000 WordPress sites

/in


Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites

Pierluigi Paganini
March 23, 2024

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months.

Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months.

The experts discovered that threat actors compromised the websites implanting malicious JavaScript injections that redirect visitors to malicious websites.

Querying SiteCheck, the researchers discovered that the campaign infected over 2,500 sites in the past two months. 

“Plugins that allow for arbitrary JavaScript and other code to be inserted into a website are especially useful for website owners and developers but can also be abused by attackers in a compromised environment. Since these types of plugins allow for pretty much any code at all to be added, attackers often use them to insert their malicious or spammy payload.” reads the report published by the experts. “Sure enough, checking the plugin settings revealed our culprit nestled inside Custom CSS & JS

The threat actors behind Sign1 inject malicious JavaScript into legitimate plugins and HTML widgets. The injected code includes a hard-coded array of numbers that uses XOR encoding to get new values.

The experts decoded the XOR-encoded JavaScript code and discovered which it was used to execute a JavaScript file hosted on a remote server.

sign1

The researchers noticed that attackers employed dynamically changing URLs, the use of dynamic JavaScript code allows to change URLs every 10 minutes. The code is executed in the visitors’ browser, leading to unwanted redirects and ads for site visitors.

This code stands out because it checks whether the visitor came from a well-known website like Google, Facebook, Yahoo, or Instagram. If the visitor isn’t referred by one of these popular sites, the malicious code won’t run. Threat actors used this trick to avoid detection. Normally, someone who owns a website would visit it directly, instead of going through a search engine first. Malware uses this difference to try and stay…

Source…

Password-cracking botnet has taken over WordPress sites to attack using the visitor’s browser

/in


As reported by Ars Technica, cybersecurity researcher Denis Sinegubko has been monitoring ongoing website hacking activities for a long time. Now, he has identified a major pivot from crypto wallet drainers to brute-force password-cracking attacks on WordPress sites. Why is this happening, what does it mean, and what can you, as an end user, do? We’ll dive into all of the need-to-know information right away below.

First, let’s talk “Why.” Earlier in February, Sinegubko, writing for Sucuri’s blog, discussed an increase in “web3 crypto malware,” particularly malware used to inject crypto drainers into existing sites or use phishing sites for the same purpose.

Source…

Ransomware attack shuts down Central Florida radiology imager sites

/in


A ransomware attack shut down a medical diagnostic imaging firm in South Florida, shutting down several Central Florida locations, as well.

Earlier this month, a hacker accessed personal patient data at the Akumin site headquartered in Broward County, the firm said in a statement.

What is a ransomware attack?

A ransomware attack is a cyberattack designed to encrypt files on a device, rendering the data useless unless the owners of the data give a ransom to the hacker in exchange for a decryption or key, according to the Cybersecurity and Infrastructure Security Agency.

Healthcare facilities tend to be targets for ransomware attackers due to the sensitive information establishments have stored on vulnerable technologies, such as wireless devices that have access to the healthcare facilities, and network, according to CISA. These devices often can be viewed as backdoors into valuable information vaults.

Which Central Florida offices were affected?

The outpatient radiology and oncology service announced Tuesday it was temporarily shutting down services throughout the state including seven Central Florida locations.

• Orlando – 7960 Forest City Road and 1150 S. Semoran Boulevard

• Deltona – 1555 Saxon Boulevard

• Winter Haven – 7524 Cypress Gardens Boulevard

• Kissimmee – 1503 W. Oak Street and 819 E. Oak Street

• Mount Dora – 7524 Cypress Gardens Boulevard

Akumin has 50 locations throughout Florida and is available in several other states.

Can past records be accessed?

Regarding accessing past medical records, Akumin said certain imaging results may be unavailable.

“Our systems are being restored with differing timelines. Please check with the clinic you visited to learn more about the availability of prior studies. We will provide updates on restoration as appropriate,” it said in a statement.

Akumin also said it will alert patients once it can reschedule appointments, however, it has no timeline at this point.

Additionally, Akumin was found to have filed for Chapter 11 bankruptcy weeks after the cyberattack took place, according to a report by First Coast News, an NBC-affiliated station in Jacksonville.

Source…