Security Update for Thunderbird

Thunderbird 52.5.2  has been released to address vulnerabilities in earlier version. If left unpatched, attackers could exploit them and gain complete control of the system. BtCIRT encourages users and administrators to review  Security Advisory  for more details and apply the necessary update. Patch and protected.

Popular WordPress plugin installs Backdoor

A widely used plugin called Captcha, originally developed by “a well-established plugin developer named BestWebSoft, a company behind many other popular WordPress plugins” has been found to contain malicious code that triggers a backdoor. The plugin accounts to over 300,000 installations on wordpress sites across the world. A new version (4.4.5) is now available which can clean the affected sites. For more visit https://www.bleepingcomputer.com/news/security/backdoor-found-in-wordpress-plugin-with-more-than-300-000-installations/  

Security update for Chrome

Chrome version 63.0.3239.108 has been released for Mac, Linux and Windows to address vulnerabilities in earlier version. If left unpatched, attackers could exploit them and gain complete control of the system Therefore, BtCIRT  Recommends users and administrators to review the Chrome Releases  for more details and apply the necessary update. Patch and be protected.

Video stream users exposed to secret cryptocurrency mining

BtCIRT has known through different sources that most of the popular video streaming sites are found to be using the resources of users’ devices for cryptocurrency mining resulting to abnormally high CPU usage, thus slowing the device for user activity. As stated by the Guardian “The mining program is loaded into the users’ browser when the video player is downloaded ready to stream the video. Victims are not notified and are unaware that their computer is working hard to generate Monero. The only sign for most users would be that their computer is running slowly while playing the video” Therefore,  BtCIRT […]

Security Update from Apple

Apple has released security updates to address vulnerability in earlier version of  iOS and tvOS. If left unpatched, attackers could exploit them and gain complete control of the system. BtCIRT encourages users and administrators to review the  iOS 11.2.1 and tvOS 11.2.1 for more details  and required actions. Patch and be protected.