A sweeping, long-lasting malicious campaign dubbed “Balada Injector” has
compromised an estimated 1 million WordPress websites since its inception in
2017.

The campaign leverages “all known and recently discovered theme and plugin
vulnerabilities” to inject a Linux backdoor that lets attackers gain
unauthorized access to affected websites. The campaign’s primary objective
appears to be redirecting users to fraudulent tech support pages, fake lottery
wins, and push notification scams.

According

Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017.
The massive campaign, per GoDaddy’s Sucuri, “leverages all known and recently discovered theme and plugin vulnerabilities” to breach WordPress sites. The attacks are known to play out in waves once every few weeks.
“This campaign is easily identified

Will artificial intelligence become clever enough to upend computer security? AI is already surprising the world of art by producing masterpieces in any style on demand. It’s capable of writing poetry while digging up arcane facts in a vast repository. If AIs can act like a bard while delivering the comprehensive power of the best search engines, why can’t they shatter security protocols, too?

The answers are complex, rapidly evolving, and still murky. AI makes some parts of defending computers against attack easier. Other parts are more challenging and may never yield to any intelligence, human or artificial. Knowing which is which, though, is difficult. The rapid evolution of the new models makes it hard to say where AI will or won’t help with any certainty. The most dangerous statement may be, “AIs will never do that.”

To read this article in full, please click here

Apple has issued out-of-band updates for iOS and macOS to address two newly
discovered security flaws that criminals are said to be exploiting in the wild.

Two weeks after patching ‘actively exploited
[https://www.bitdefender.com/blog/hotforsecurity/apple-patches-actively-exploited-security-flaw-in-older-iphones-with-ios-15-7-4/]
’ vulnerabilities in older iPhone models, Apple is now rolling out more security
updates, this time to patch newer iterations against freshly discovered bugs –
includi

Samsung employees have unwittingly leaked top secret data by providing them to the popular chatbot service ChatGPT. Samsung employees have shared internal documents, including meeting notes and source code, with the popular chatbot service ChatGPT. ChatGPT uses data provided by the users to train itself and build its experience, with the risk that this data […]

The post Samsung employees unwittingly leaked company secret data by using ChatGPT appeared first on Security Affairs.

Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape constantly evolves, and it can be overwhelming for businesses to keep up with the latest security trends. Security teams use processes and security solutions to curb these challenges. These solutions include firewalls, antiviruses, data