Administrator of precisionsec.

Dridex Delivered by Malicious PDF Files

The actors distributing the Dridex banking trojan switched tactics again this week. In their latest campaign, distributing Dridex botnet 7200, the criminals have switched to using PDF files, with links to macro-enabled documents which finally download the Dridex payload. Examining the infection chain further, the initial attack vector is a PDF file attached to an…

Precisionsec Blog New WordPress Vulnerability: GTD Theme Arbitrary File Upload

New WordPress Vulnerability: GTD Theme Arbitrary File Upload

First reported here: http://forum.explorecrew.org/showthread.php?tid=110&pid=360 We have tested and confirmed that GTD 1 by Templatic is vulnerable on Ubuntu 12.04. In initial testing we were not able to exploit this vulnerability on GTD/P2 Reloaded 2.5 by WPVerse. If you are interested in receiving WordPress vulnerability notifications directly, please sign up for our WordPress Vulnerability Notification Service.…