Wednesday☕️

Earth Intelligence

27 Mar 2024 — 4 min read

Trending:

Baltimore Bridge Collapse
WordPress Website Malware

Markets:

Yesterday’s U.S. stock market:

Yesterday’s commodity market:

Yesterday’s crypto market:

Baltimore Bridge Collapse:

In the early hours of Tuesday around 1:30 AM, the Francis Scott Key Bridge in Baltimore, Maryland, suffered a collapse into the Patapsco River after a collision with a container ship. The incident occurred when the vessel Dali, which can carry up to 10,000 containers and was leaving the Port of Baltimore for Colombo, Sri Lanka, struck one of the bridge's pillars. At the time of the accident, the ship had two Port of Baltimore pilots aboard. Eight individuals were on the bridge when it collapsed; two were rescued from the water, but six are still missing.
As a result of the collapse, all traffic across the bridge, which normally sees 34,000 commercial and passenger vehicles daily, has been diverted. Moreover, the movement of ships to and from the Port of Baltimore is on hold. This disruption is expected to have significant implications for cargo operations, with the potential rerouting of shipments originally planned through Baltimore to alternative ports like New York and Norfolk. Governor Wes Moore of Maryland noted that over 52 million tons of foreign cargo, valued at approximately $80 billion, were handled by the port last year.
Baltimore, ranking as the 11th largest port in the U.S., averaged 207 vessel calls a month in the previous year, as reported by Lloyd's List, emphasizing its crucial role in the nation's shipping activities. Regarding the bridge collapse, there have been numerous reports and theories about the cause, ranging from malfunctions to suggestions of a cyberattack or intentional sabotage. However, it's important to note that, at this time, there is no concrete evidence to support these claims; they are still under investigation.

WordPress Website Malware:

Security experts at Sucuri have identified a malware operation, named Sign1, that has infiltrated around 39,000 WordPress websites over the past six months. The malware involves the injection of malicious JavaScript into these sites, causing visitors to be redirected to harmful web pages. Through their investigation using SiteCheck, the team found that over 2,500 websites were affected by this campaign in the last two months.
The report highlights that plugins which allow the addition of arbitrary JavaScript are both valuable tools for site developers and potential vulnerabilities that attackers can exploit. Specifically, the malicious code was often hidden within the settings of a plugin called Custom CSS & JS. The Sign1 malware injects JavaScript that utilizes XOR encoding to disguise its activities and fetch a JavaScript file from a remote server.
The researchers decrypted this code to understand its purpose. One notable tactic used by the attackers is the generation of dynamically changing URLs, with the malware able to alter these URLs every 10 minutes. This feature, along with code execution within the visitor's browser, results in unexpected redirects and advertisements. Additionally, the malware cleverly determines whether a visitor has been referred from major websites like Google or Facebook.

Statistic: