WordPress REST API Vulnerability Abused in Defacement Campaigns

WordPress 4.7.2 was released two weeks ago, including a fix for a severe vulnerability in the WordPress REST API. We have been monitoring our WAF network and honeypots closely to see how and when the attackers would try to exploit this issue the wild.

In less than 48 hours after the vulnerability was disclosed, we saw multiple public exploits being shared and posted online. With that information easily available, the internet-wide probing and exploit attempts began.

Continue reading WordPress REST API Vulnerability Abused in Defacement Campaigns at Sucuri Blog.

Story added 7. February 2017, content source with full text you can find at link above.

WordPress REST API Vulnerability Abused in Defacement Campaigns

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts