FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities
The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited and compromised through WordPress plugin vulnerabilities: Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and […] more…
Security Advisory: Persistent XSS in WP-Super-Cache
Security Risk: Dangerous Exploitation level: Very Easy/Remote DREAD Score: 8/10 Vulnerability: Persistent XSS Patched Version: 1.4.4 During a routine audit for our Website Firewall (WAF), we discovered a dangerous Persistent XSS vulnerability affecting the very popular WP-Super-Cache plugin (more than a million active installs according to wordpress.org). The security issue, as well as another bug-fix […] more…
Website Malware – The SWF iFrame Injector Evolves
Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties […] more…
Intro to E-Commerce and PCI Compliance – Part I
Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do you really understand what it means for you and your online business? In this series, we will try to explain the PCI standard and how it […] more…
WordPress Malware Causes Psuedo-Darkleech Infection
Source: The National Archives (UK) Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to add hidden iFrames to certain responses. It’s difficult to detect because the malware is only active when both server and site admins are not logged in, and the iFrame is […] more…
Why Website Reinfections Happen
I joined Sucuri a little over a month ago. My job is actually as a Social Media Specialist, but we have this process where regardless of your job you have to learn what website infections look like and more importantly, how to clean them. It’s this idea that regardless of you are you must always […] more…
The Impacts of a Hacked Website
Today, with the proliferation of open-source technologies like WordPress, Joomla! and other Content Management Systems (CMS) people around the world are able to quickly establish a virtual presence with little to no cost. In the process however, a lot is being lost in terms of what it means to own a website. We are failing […] more…
Understanding WordPress Plugin Vulnerabilities
The last 7 days have been very busy with a number of vulnerabilities being disclosed on multiple WordPress plugins. Some of them are minor issues, some are more relevant, while others are what we’d categorize as noise. How are you supposed to make sense of all this? To help provide some clarity on the influx […] more…
Inverted WordPress Trojan
Trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously does something bad. In WordPress, typical trojans are plugins and themes (usually pirated) which may have backdoors, or send out spam, create doorways, inject hidden links or malware. The trojan model […] more…
Security Advisory: MainWP-Child WordPress Plugin
Security Risk: Critical Exploitation level: Very Easy/Remote DREAD Score: 9/10 Vulnerability: Password bypass / Privilege Escalation Patched Version: 2.0.9.2 During a routine audit of our Website Firewall (WAF), we found a critical vulnerability affecting the popular MainWP Child WordPress plugin. According to worpdress.org, it is installed on more than 90,000 WordPress sites as as remote administration […] more…
Why A Free Obfuscator Is Not Always Free.
We all love our code but some of us love it so much that we don’t want anyone else to read or understand it. When you think about it, that’s understandable – hours and hours of hard dev work, days of testing and weeks (months?, years?) of fixing bugs and after all of this, someone […] more…
Malware Cleanup to Arbitrary File Upload in Gravity Forms
During our regular cleanup process we came across a reinfection case that caught our attention. This particular environment didn’t have anything special or fancy, it was an updated WordPress installation and had 3 out-of-date plugins; that’s pretty reasonable. After running through our processes and cleaning the environment we kept coming back to a reinfection; the […] more…
Why Websites Get Hacked
I spend a good amount of time engaging with website owners across a broad spectrum of businesses. Interestingly enough, unless I’m talking large enterprise, there is a common question that often comes up: Why would anyone ever hack my website? Depending on who you are, the answer to this can vary. Nonetheless, it often revolves […] more…
Security Advisory – WP-Slimstat 3.9.5 and lower
Advisory for: WP-Slimstat Security Risk: Very high Exploitation level: Remote DREAD Score: 8/10 Vulnerability: Weak Cryptographic keys leading to SQL injections Patched Version: 3.9.6 WP-Slimstat’s users should update as soon as possible! During a routine audit for our WAF, we discovered a security bug that an attacker could, by breaking the plugin’s weak “secret” key, use to perform a SQL […] more…
Vulnerability Disclosures – A Note To Developers
This post is entirely for developers. Feel free to read, but approach it with that in mind. There is no such thing as bug-free code. We all make mistakes and every piece of software will have issues that we did not anticipate. We ourselves find weaknesses in our code, and have to work extra hard […] more…
Analysis of the Fancybox-For-WordPress Vulnerability
We were alerted last week of a malware outbreak affecting WordPress sites using version 3.0.2 and lower of the fancybox-for-wordpress plugin. As announced, here are some of the details explaining how attackers could use this vulnerability to inject malicious iframes on websites using this plugin. Technical details This vulnerability exploited a somewhat well-known attack vector amongst WordPress plugins: unprotected […] more…
2017 Antivirus News | Powered by WordPress |
Fluxipress Theme
| Show My IP Address, check blacklists
| Free Favicon, Android and Apple Icon Generator
| Bitcoin and Crypto Currency News
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Read More Privacy & Cookies Policy