Author: John Wiley

John Wiley is a Cyber security Evangelist, Researcher, Author & Speaker. He is a Security Writer & Editor-in-Chief, Author of W-Se Web Security Council.

Office 365 Now Warns of Fraudulent Senders Emails

A new Office 365 feature, known as’ Unchecked Sender,’ is currently being developed by Microsoft, to help users identify possible spam or phishing messages reaching Outlook client inbox. “Unverified sender is a new Office 365 function that allows end users in their inbox to recognise suspicious messages,” the company says on the entry of the…

Current Windows 10 Blocking Block Attacks on Secured Core PCs

Microsoft has introduced a new series of devices called Secured-core PCs that provide built-in firmware security from the growing use of state-sponsored hacking groups. In its 2018 activities, for example, the APT28 cyber-espionage team (also known as Sednit, Fancy Bear, Strontium and Sofacy) uses a Unified Extensible Firmware Interface (UEFI) rootkit called LoJax. This allowed…

Sodinokibi Ransomware Distributors Tools and Tactics

With a network of honeypots, McAfee researchers looked at the methods and techniques that are used by Sodinokibi Ransomware (REvil) collaborators to infect victims using ransomware and compromise other network devices. As part of the Sodinokibi ransomware-as – a-service, ransomware implements are marked with affiliate IDs and sub IDs in order to track who the…

How to Manually Patch Windows 10 Drivers

Drivers require Windows to work with hardware components such as the graphics card, memory card, storage, camera and other main operating system-recognized components. Outdated Windows 10 drivers that cause peripheral quality and stability problems after certain Windows updates have been applied. Updating drivers could also improve the overall system performance, solve Wi-Fi connectivity problems and…

Hackers Hiding Fake WordPress Plugins Backdoor Sites

The hackers use malicious plug-ins that hide in the clear view and serve as backdoors to obtain and maintain a foothold on WordPress websites and to upload web shells and scripts for brutalization on other pages. For example, some of these fake backdoor plugins— called initiatorseo or updrat123 of its developers— have seen the very…

Users Unable to Login Microsoft 365 Authentication Outage

Microsoft 365 has a Multi-Factor Authentication (MFA) failure that, according to user reports, blocks users access to multiple of Microsoft 365 services, such as Office 365 and Azure. “Users may not receive authentication requests through their authenticator application, SMS or telephone calls,” said Microsoft on the health status page of the Microsoft 365 Program. “If…

Fake WordPress Plugin Comes with the Mining Feature of Cryptocurrency

Malicious plug-ins are not only used to keep access to the compromised database but also to mine for cryptocurrencies. Researchers at website security firm Sucuri found that in recent months the number of malicious plug-ins has increased. The elements are copies of legitimate and harmful code. Such fake plugins are usually used to give attackers…

Russian Bear Hackers Found for Years After They Have Been Undetected

Cozy Bear, a risk actor supposedly working for the Russian government, managed to undetect cyber espionage activities in recent years by using malware families previously unknown to security researchers. The group was able to sustain its operation under radar for a long time, using stealthy communication techniques between infected systems and command and control (C2)…

Google News is Experiencing New Data Indexing Problems

Google News is broken for users as several websites and others do not appear with date filters in Google News. The error hits websites on the Google News browser, and the Google News mobile application has no such issues. We have reviewed a number of important news sources, and in the last few hours no…

Facebook Supports Third-Party Companies to Find Bugs

Facebook updated the terms of its third-party bug bounty service integration program to boost researchers ‘ rewards. A year ago, Facebook revealed that it would pay for researchers who can detect security problems with Facebook access tokens in third-party applications that can be used to sign in. Scientists have twice been awarded Researchers can now…