Introduction
It was a quiet week for articles that could make it into our review for this week's edition. We have just .....checking the number of articles...... four articles to review.
These articles are about the following:
- Scam
- Vulnerability
- Malware
Let's go!
PSA: These ‘Microsoft Support’ ploys may just fool you
The article's title is not clickbait. The threat is real, and without you knowing it, you can fall for it. It all starts with a fake Microsoft advertisement on Google search that takes you to what looks like a real Microsoft website which contains the scammers phone number.
If you think for one second that you can't fall for this. Think again. Strange things can happen if you're under stress while trying to fix your computer. Just saying. Finally, there is no excerpt for this one, go read it and stay safe.
Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites
The good news about this bad news is that the developers behind the plugin have fixed it. Therefore, if you're using a version of WPML before 4.6.13, update immediately. What's more, like the previous article, no excerpt can fully capture the essence of the article because I believe if you hear the word Remote Code Execution, you know what it means.
However, if you care about the technical details of the vulnerability, read the full breakdown on the Stealthcopter blog.
Hackers infect ISPs with malware that steals customers’ credentials
What should I say about this? I don't know man. The ISP? The excerpt below (I know, the first one for today 😂), explains what the vulnerability is, when it was patched, and how the threat actors abused it.
CVE-2024-39717, as the zero-day is tracked, is an unsanitized file upload vulnerability that allows for the injection of malicious Java files that run on the Versa systems with elevated privileges.
Versa patched the vulnerability Monday after Lumen privately reported it earlier. All versions of Versa Director prior to 22.1.4 are affected. To fly under the radar, the threat actor waged their attacks through compromised small office and home office routers.
Fake Canva home page leads to browser lock
Yet another scam that starts with a malicious Google search advertisement. Be careful what you believe online, and be careful on what you click. The excerpt below explains how the scammers pulled this off (after the malicious advertisement).
Scammers created a free account on Canva and made a design that looks just like… Canva’s home page. Of all the possible art they could have created, they chose to take a screenshot of Canva’s site and use it as their creation.
This is their “trick”, they want users to think they have landed on the real website and expect them to click on the ‘Start designing’ button.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.