The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

http://conference.hitb.org/hitbsecconf2014kul/#tile_schedule

Triple-Track Conference - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/conference-speakers/

 

Capture the Flag - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/capture-the-flag/

HackWEEKDAY - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/hackweekday/

CommSec Village - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/commsec-village/

REGISTER ONLINE NOW

Hackers infect WordPress 3.2.1 blogs to distribute TDSS rootkit

http://www.flickr.com/photos/odysseygate/4011228343/

Hackers are compromising WordPress 3.2.1 blogs in order to infect their visitors with the notorious TDSS rootkit, according to researchers from Web security firm Websense.

It's not clear how the websites are being compromised, but there are publicly known exploits for vulnerabilities that affect WordPress 3.2.1, which is an older version of the popular blog publishing platform.

Once they gain unauthorized access to a blog, the attackers inject malicious JavaScript code into its pages in order to load a Java exploit from a third-party server. "From our analysis the number of infections is growing steadily (100+)," said Websense principal security researcher Stephan Chenette in a blog post on Monday. The company's research into this mass code injection campaign indicates that whoever is behind it is experienced.