There is a nasty botnet trolling WordPress sites, trying to log in with the default admin user name and using “brute-force” methods to crack the passwords. Our advice to save your WordPress blog from being hacked is to change the login name from admin to something else and to use strong passwords.
Matt Mullenweg, the founder of WordPress, advises the same thing on his blog. He also said to turn on two-step authentication, which prompts you to enter a secret number you get from the Google Authenticator app on your smartphone. To make your environment as secure as you can, ensure that the latest version of WordPress is installed as well.
“Do this and you’ll be ahead of 99% of sites out there and probably never have a problem,” Mullenweg writes to assure 64 million WordPress users.
Last month we wrote about a flaw in Microsoft’s Internet Explorer that could allow cybercrooks to take control of a Windows-based computer if the user browses to a malicious website. The website making news for that attack was the US-based think tank, the Council on Foreign Relations (CFR). Avast Virus Lab has since discovered that two Chinese human rights sites, a Hong Kong newspaper site, a Russian science site, and weirdly, a Baptist website (see the recent tweet) are also infected with the Flash exploit of IE8.
You can imagine the interesting audience that frequents sites such as these. The CFR, for example, attracts high-ranking government officials including former presidents and secretaries of state, ambassadors, journalists, and leaders of industry. These sites were chosen on purpose; instead of targeting the general masses, as in a phishing attack, the perpetrators of a so-called “watering hole attack” target specific topics like defense or energy and lie in wait for persons of interest to visit, similar to a predator at a watering hole waiting for its victims to come to it.
See update below
For the past three Tuesday mornings, DDoS (distributed denial of service) attacks have caused online outages at major U.S. banks, including Bank of America, Chase, Wells Fargo, U.S. Bank and PNC. The attacks end by Friday afternoons. A DDoS attack causes the site or service to be temporarily unavailable by flooding the targeted website with traffic until the site’s servers are overloaded. Yesterday, customers started reporting on SiteDown that they were having trouble accessing the Wells Fargo and Bank of America websites.
The banks that experienced outages have confirmed that no sensitive financial information or personally identifiable information about customers was exposed, supposedly because the attacks were motivated by politics, not fraud.
A hacktivist group called “Cyber fighters of Izz ad-din Al qassam” is taking credit for the attacks, but experts say that this group has not historically been affiliated with hacktivism. The variety and scale of the attacks have experts doubting that the group was involved, citing the massive bandwidth used in the attacks.
Collaboration among banking institutions, online-banking platform providers, other vendors, industry associations and the government has been stronger than ever because of these attacks, reports BankInfoSecurity. “There definitely seems to be more of a community effort for the first time here to address this issue. And now we are seeing a real-life situation where we’ve had to pull together and be prepared,” says a security and fraud executive at a $4 billion banking institution in the U.S. who wishes to remain unidentified.
Early warnings about attacks aimed at these institutions were issued by the FBI and the FS-ISAC, benefiting the entire industry. However, there is criticism that banks have not done enough to communicate with consumers about what is causing the outages. They might be legally barred from releasing details, since an investigation is ongoing. The best you can expect is a “Sorry for the inconvenience.”
At this point it doesn’t appear that the DDoS attacks put your money in danger, beyond leaving you unable to access your account for periods of time. Once you can access your bank’s website, check the security of your account. For those of you wanting to take precautions when conducting online financial transactions, Avast offers extra protection to keep your transactions private. Avast! SafeZone (available in avast! Pro Antivirus and avast! Internet Security) creates full desktop isolation so that other applications don’t see what’s happening – perfect for secure banking or online shopping – and leaves no traces once it’s closed. Check out the Deal of the Week for savings on our premium protection.
Update, October 12: Regions Bank was attacked today, and Capital One and SunTrust were hit earlier this week. Izz ad-din Al qassam, the group taking credit for the attacks, warned about them in advance, saying it expects to spend the weekend developing plans for more attacks next week. The group claims the reason behind all this mischief is a YouTube movie trailer that it believes to be anti-Islam. If the group repeats its established pattern, banks could expect more attacks next Tuesday, Oct. 16. No fraud activity has been reported by the banks.
While we were researching the websites currently serving the new Microsoft Internet Explorer (IE) zero-day threat, we found that the new attack is being piggybacked on a slightly older attack aimed at industrial companies’ websites.
The hacked legitimate websites contain on their main pages a hidden iframe.
It was brought to our attention by this thorough Eric Romang article that a new zero-day exploit (an exploit actively used by cybercriminals in the wild) targets a bug in Microsoft’s Internet Explorer (IE) 7 & 8, and with some help from Java, it could also be exploited on IE 9, as confirmed by the Metasploit firm. Since there is no patch from Microsoft yet, what can you do?
There seems to be a playbook of standard hacker tactics after a celebrity death or an event of worldwide interest like earthquakes or tsunamis. Hours after the announcement of pop diva Whitney Houston’s death, scammers had already devised schemes to prey on fans seeking information – appearing to recycle those used after the deaths of Michael Jackson and Steve Jobs.
A Facebook message, claiming to link to a video of Whitney Houston’s autopsy, takes the user to a page with an embedded YouTube video. When the user tries to play it, a pop-up message appears instructing them to update their copy of Adobe’s Flash from a bogus site. The video scam has gone viral.