Author Archives: Aaron Mayo

Critical WordPress plugin bug lets hackers take over hosting account

Critical WordPress plugin bug lets hackers take over hosting account

Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites. wpDiscuz is a WordPress plugin marketed as an alternative to Disqus and Jetpack Comments that provides an Ajax real-time comment system that will store comments within a local […]

Read More »
No More Ransom turns 4: Saves $632 million in ransomware payments

No More Ransom turns 4: Saves $632 million in ransomware payments

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, […]

Read More »
How to stop Microsoft Edge launching automatically on login

How to stop Microsoft Edge launching automatically on login

Microsoft shared info on how Edge users can prevent the web browser from launching automatically after they log into their Windows account by tweaking the system’s Sign-in setting for automatically restarting apps on logon. “If you don’t want Microsoft Edge to start when you sign in to Windows, you can change this in Windows Settings,” […]

Read More »
New ‘Meow’ attack has wiped dozens of unsecured databases

New ‘Meow’ attack has wiped dozens of unsecured databases

Dozens of unsecured databases exposed on the public web are the target of an automated ‘meow’ attack that destroys data without any explanation. The activity started recently and hits Elasticsearch and MongoDB instances indiscriminately without leaving any explanation, or even a ransom note. A quick search by BleepingComputer on the IoT search engine Shodan has […]

Read More »
Microsoft will disable insecure TLS in Office 365 on Oct 15

Microsoft will disable insecure TLS in Office 365 on Oct 15

Microsoft has set the official retirement date for the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in Office 365 starting with October 15, 2020, after temporarily halting deprecation enforcement for commercial customers due to COVID-19. “As companies have pivoted their supply chains and countries have started to re-open we have re-established a retirement […]

Read More »
Microsoft Outlook is crashing worldwide with 0xc0000005 errors, how to fix

Microsoft Outlook is crashing worldwide with 0xc0000005 errors, how to fix

Microsoft Outlook is immediately crashing worldwide when users start the application, with 0xc0000005 errors displayed in the Windows Event Viewer. These crashes started occurring last night, and reports are flooding in from users all over the world. Users who examined their Application event logs will see an error log stating that the OUTLOOK.EXE program has crashed […]

Read More »
Chrome 84 released with important security enhancements

Chrome 84 released with important security enhancements

Google has released Chrome 84 today, July 14th, 2020, to the Stable desktop channel, and it includes numerous security enhancements and new APIs for developers. This massive release does not include many new features but offers increased protection against browser notification scams, mixed-content downloads, and the removal of insecure TLS protocols. With Chrome 84 now being promoted to […]

Read More »
Critical SAP Recon flaw exposes thousands of customers to attacks

Critical SAP Recon flaw exposes thousands of customers to attacks

SAP patched a critical vulnerability affecting over 40,000 customers and found in the SAP NetWeaver AS JAVA (LM Configuration Wizard) versions 7.30 to 7.50, a core component of several solutions and products deployed in most SAP environments. The RECON (short for Remotely Exploitable Code On NetWeaver) vulnerability is rated with a maximum CVSS score of 10 out […]

Read More »
Malwarebytes AdwCleaner now removes malware from the command line

Malwarebytes AdwCleaner now removes malware from the command line

The popular AdwCleaner tool from Malwarebytes is about to get even more popular as it now can be used entirely from the command line. For those who are not familiar with AdwCleaner, it is a free adware and adware, PUP, spyware, and browser hijacker remover that is used on an as-needed basis. Originally developed independently, […]

Read More »