Cyber Security News of the week — 06.09.2021|10.09.2021


Twitter Launches Safety Mode To Block Abusive Comments

Twitter has recently announced a new feature dubbed ‘Safety Mode’ to block abusive users. Currently available in beta mode, this feature will let users block accounts posting abusive comments. With this move, Twitter aims at preventing online harassment on the platform. Twitter Introduces Safety Mode The social media platform Twitter is known for advocating freedom of speech. However, many users also exploit this leniency for bashing others. Elaborating on this move in a blog post, Jarrod Doherty, Sr. Product Manager at Twitter, stated that this step aims at providing a «more comfortable» experience to the users.

Unwelcome Tweets and noise can get in the way of conversations on Twitter, so we’re introducing Safety Mode, a new feature that aims to reduce disruptive interactions. In brief, Safety Mode will be available as a separate option under the «Privacy and safety» menu. Enabling this feature lets Twitter monitor potentially negative engagement, thereby blocking abusive users temporarily. To assess this factor, Twitter will consider the relationship between the Tweet, the author, and the replier.

This will potentially not affect the users’ followers or frequently interacted accounts. Since Twitter is testing this feature, it presently gives more control to the users regarding how it works for them. You can find information about the Tweets flagged through Safety Mode and view the details of temporarily blocked accounts at any time. Before each Safety Mode period ends, you’ll receive a notification recapping this information.

Source —


Traffic Exchange Networks Distributing Malware Disguised as Cracked Software

An ongoing campaign has been found to leverage a network of websites acting as a “dropper as a service” to deliver a bundle of malware payloads to victims looking for “cracked” versions of popular business and consumer applications.

“These malwares included an assortment of click fraud bots, other information stealers, and even ransomware,” researchers from cybersecurity firm Sophos said in a report published last week.

The attacks work by taking advantage of several bait pages hosted on WordPress that contain “download” links to software packages, which, when clicked, redirect the victims to a different website that delivers potentially unwanted browser plug-ins and malware, such as installers for Raccoon Stealer, Stop ransomware, the Gluteal backdoor, and a variety of malicious cryptocurrency miners that masquerade as antivirus solutions.

“Visitors who arrive on these sites are prompted to allow notifications; If they allow this to happen, the websites repeatedly issue false malware alerts,” the researchers said. “If the users click the alerts, they’re directed through a series of websites until they arrive at a destination that’s determined by the visitor’s operating system, browser type, and geographic location”.

Source —

and The UGLY

Gutenberg Template Library Plugin Bugs Affected 1+ Million WordPress Sites

Word fence recently shared details about vulnerabilities in the Gutenberg Template Library & Redux Framework plugin. It’s a useful WordPress plugin from bearing a huge library of Gutenberg templates. The plugin currently boasts over 1 million active installations. That means the vulnerabilities potentially risked over a million WordPress sites. As elaborated in their post, the first of these bugs affected the REST API Endpoints of the Gutenberg Template Library plugin. The vulnerability existed since the endpoints only checked edit posts capability with the user account.

“While the REST API Endpoints registered under the redux/v1/templates/ REST Route used a permission_callback to verify a user’s permissions, this call back only checked whether or not the user sending the request had the edit posts capability.”

Hence, users with lower privileges could install block templates or even plugins from the WordPress repository via the redux/v1/templates/plugin-install endpoint. The second vulnerability existed as the plugin allowed an unauthenticated adversary to view sensitive site data.

“This $support hash AJAX action, which was also available to unauthenticated users, called the superstars to function in redux-core/ink/classes/class-redux-helpers’, which returned potentially sensitive information such as the PHP version, active plugins on the site and their versions, and an unsalted md5 hash of the site’s AUTH_KEY and SECURE_AUTH_KEY.”

Source —

Stay Focused. Stay Vigilant.

Cyber Security News Team — Cyber Security Community of SLIIT

First they begin with Us..