Incident: Dunlop’s Aussie site caught up in CryptXXX ransomware-spreading campaign | iTnews

Posted by Steven Kirby | Jul 20, 2016 | Australia, Australian InfoSec Incidents 2016, iTnews, Ransomware, Vulnerability, Website Compromise | 0 |

Incident: Dunlop’s Aussie site caught up in CryptXXX ransomware-spreading campaign | iTnews

Australian Information Security Incident Reported: July 20 2016

Dunlop’s site compromised, users redirected to exploit kit. Dunlop parent Ardex Australia said it was “currently investigating” the weakness and declined to elaborate.

Attackers are targeting business websites through a vulnerable version of the Revslider slideshow plugin for WordPress to spread the CryptXXX ransomware.

A vulnerable version of the RevSlider plugin for WordPress was behind the March 2015 compromise of the New South Wales government GovDC website. In December 2014, over 100,000 sites with the Revslider plugin were compromised in a single day.

Source: Aussie site caught up in CryptXXX ransomware-spreading campaign – Security – iTnews

Related

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Commentary on Australia's National Cyber Security Strategy
by Craig Nielsen, vice president Asia Pacific, GitLab on September 28, 2023
GUEST OPINION: Australia’s new Cyber Security Strategy to begin building six cyber shields around the nation comes at a time when it’s more important …
Gov stalls on some privacy reforms with conditional support
by Richard Chirgwin on September 28, 2023
The government has offered "in-principle" - conditional - support for over half of the recommendations from a two-year-long review of the Privacy …
Personal data to get greater protection, but targeted ads will keep coming
by Paul Sakkal on September 27, 2023
Australians are likely to gain new rights allowing them to demand tech companies erase data, sue for privacy invasions and avoid being targeted by …
Cyber risk: Directors’ duties and implications for M&A
by Luke Dawson on September 26, 2023
On 18 September 2023, ASIC Chair Joe Longo addressed the Australian Financial Review Cyber Summit on the topic of cyber preparedness. His message was …
APVMA added to HWL Ebsworth breach list
by Richard Chirgwin on September 25, 2023
The Australian Pesticides and Veterinary Medicines Authority (APVMA) has confirmed that it was one of the federal government agencies impacted by the …
Australian Federal Police claw back $45m lost to BEC scammers
by Ry Crozier on September 25, 2023
The Australian Federal Police has claimed some success in thwarting in-progress business email compromise (BEC) scams, in cases where the incident is …
AFP saves mum and dad business from cyber criminals | Australian Federal Police
by Australian Federal Police on September 25, 2023
The AFP has returned $45 million to Australian businesses targeted by cyber criminals in the past three years. As the AFP today challenges the …
Aussies Warned Over Cyber-Security Risks After Large-Scale Hack
by The Project on September 24, 2023
Sixty-five government departments and agencies have been caught up in the country’s latest ‘large scale’ cyber-attack on legal firm HWL Ebsworth, with stark ...
Federal government rolls out plan to protect Aussies from cyber attacks | 9 News Australia
by 9 News Australia on September 24, 2023
One year on since the Optus cyber attack, Home Affairs Minister has revealed part of the Federal government’s plan to protect Australians from future breache...
Troy Hunt scours the dark web for your stolen data — but he's just trying to help
by By Julian Fell on September 22, 2023
He's just "a dude on the web", but Troy Hunt has ended up playing an oddly central role in global cybersecurity. In April, the US Federal Bureau of …

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Shares

Share This