IT Company Blog

Category: Articles

  • Zero-day attacks: Protection against dangerous WordPress attacks

    Zero-day attacks: Protection against dangerous WordPress attacks

      With zero-day vulnerabilities and zero-day attacks, you don’t know how it damages your business when it comes to cyber security. Not taking your security seriously can have disastrous effects on both you and your company. Fortunately, learning about security risks, security best practices, and potential zero-day vulnerabilities that might expose your WordPress sites to…

  • Dropbox: Your email may have received a fraudulent link

    Dropbox: Your email may have received a fraudulent link

    Dropbox is being used by hackers to distribute malware. Researchers claim cybercriminals are leveraging legal cloud storage and backup services to ensure that their infected files reach recipients’ inboxes. The researchers called the practise Business Email Compromise (BEC) 3.0. They believe email service providers have become much more adept at identifying and filtering fraudulent communications.     Hackers…

  • Managing Multiple Failed Login Attempts in WordPress

    Managing Multiple Failed Login Attempts in WordPress

    Frequent failed login attempts on your WordPress site, you should look into the potential reasons and remedies. It takes a lot of effort to create an appealing and user-friendly website. Therefore, it is distressing to watch it slip into the wrong hands due to a failure in security measures implementation. The main concern is repeated…

  • Ransomware threats are increasing and targeting more devices

    Ransomware threats are increasing and targeting more devices

    According to a new analysis from email security firms, Ransomware assaults have never been more prevalent.    According to the notice, new ransomware organisations emerge on a regular basis. Moreover, new vulnerabilities being exploited are identified practically daily, however, Microsoft’s products are being targeted the most.   In summary, attackers are currently targeting over 7,000 goods manufactured…

  • Malicious VSCode extensions steal credentials

    Malicious VSCode extensions steal credentials

    Cybercriminals have begun to target Microsoft’s VSCode Marketplace. They posted three malicious Visual Studio extensions that were downloaded 46,600 times by Windows developers. The virus allowed threat actors to steal passwords, and system information, and install a remote shell on the victim’s PC. Check Point analysts found the malicious extensions and reported them to the Microsoft…

  • Hackers utilise Azure Serial Console to get unauthorised access

    Hackers utilise Azure Serial Console to get unauthorised access

    A cybergang is utilising phishing and SIM swapping attacks to compromise Microsoft Azure admin credentials and get access to VMs.   The attackers then utilise the Azure Serial Console to install remote management software and Azure Extensions for covert surveillance.     According to the online security website, the cybergang known as UNC3944 has been active…

  • Gmail: Be careful Google could destroy your account

    Gmail: Be careful Google could destroy your account

    If you do nothing, inactive Gmail accounts will be erased permanently. Following Twitter’s decision to remove dormant accounts, Google has announced that it will do the same for old Gmail accounts. Fortunately, it is now quite evident which accounts will be categorised as inactive and when account removals will commence.   Google noted in its…

  • BlackLotus: Microsoft will repair recent Secure Boot vulnerability

    BlackLotus: Microsoft will repair recent Secure Boot vulnerability

    Microsoft provided a patch earlier this week to remedy a Secure Boot bypass problem utilised by the BlackLotus bootkit. The first vulnerability, CVE-2022-21894, was patched in January. However, the current patch for CVE-2023-24932 addresses another commonly exploited workaround for computers running Windows 10 and 11. Also on Windows Server versions dating back to Windows Server…

  • WordPress Plugin: A Critical Vulnerability Discovered

    WordPress Plugin: A Critical Vulnerability Discovered

    Over one million WordPress websites are now vulnerable to attacks. This aims to give unauthorised access to user accounts with elevated privileges. The flaw is due to a newly identified vulnerability in the Essential Addons for Elementor plugin.   A cyber security website researcher highlighted the new vulnerability (CVE-2023-32243) in an alert released on Thursday.   New…

  • Man in the middle in phishing attacks are increasing  

    Man in the middle in phishing attacks are increasing  

    Man-in-the-middle attacks used in phishing are becoming more and more common.  Because man-in-the-middle assaults in phishing operations are so effective, criminals are increasingly using them.    According to a report from cybersecurity website, hackers are enticing victims to web servers capable of brokering the full authentication process rather than just one phoney login page where they…