TECHNOBABBLE

TECHNOLOGY | SECURITY | NEWS

Malicious WordPress Plugins from SimplyWordPress Traced to Mason Soiza, Nefarious WordPress Spammer

Earlier today, the folks over at Wordfence released news that plugins from SimplyWordpress were found to be malicious in nature. The WordPress plugin “Captcha”, which had over 300,000 active installs, was modified to deploy an unauthenticated backdoor via an automatic update process that downloads, self-extracts and installs a different version of the plugin. One of the files downloaded, plugin-update.php, is…

BlueBorne vulnerability places billions of devices at risk…

Armis Labs has revealed a new attack vector that places billions of devices at risk and is completely platform agnostic. Virtually every device with Bluetooth enabled is exploitable via BlueBorne regardless of operating system – Mac OS, iOS (only devices running iOS 9.3.5 and lower are affected), Android, Linux and Windows are all affected. So what is BlueBorne?…

Petya Ransomware a Front for State Cyberattack

The recently released and poorly constructed variant of the Petya ransomware was not designed to make money… so it is not, by definition, ransomware. Petya is a wiper. It was designed specifically to spread quickly across the globe and completely and permanently eviscerate any machine it infects. First deployed in Russia and specifically targeting the Ukraine via MeDOC, it has…

Is your home router being used to attack WordPress sites?

Last week the good folks at Wordfence noticed something very interesting while compiling their monthly attack report. Algeria had raced from 60th place in their “Top Attacking Countries” list to 24th place. That is obviously a huge jump in a very short time. Upon closer review, they realized that more than 10,000 IP addresses originating in Algeria were attacking WordPress…

More than 100,000 WordPress sites hacked via REST API zero-day

WordPress was updated on January 26th to patch three separate security vulnerabilities. At the time, the folks at WordPress advised that you should update immediately, which is fairly normal (and recommended). What you may not know is that a fourth vulnerability was kept private for several weeks. Why wasn’t it publicized? Security through obscurity. An unauthenticated privilege escalation vulnerability was found in a…

Mossack Fonseca Breach Caused by Outdated WordPress Plugin, Slider Revolution

Early this morning Wordfence released information from a security audit performed after the Mossack Fonseca breach that points to an outdated plugin on the firm’s WordPress site as the likely attack vector. Mossack Fonseca had been running a horribly out-of-date version of the Slider Revolution plugin for WordPress, created by ThemePunch. They further detailed how the intruder may have then been able to move from WordPress to an…

How to prevent WINMAIL.DAT attachments in Exchange Online by disabling TNEF

I’ve run into this problem a handful of times over the last few years. An Exchange user sends an e-mail with attachment(s) to a non-Exchange user and the recipient receives nothing but a WINMAIL.DAT file that they cannot open. The most commonly preached resolution was simply to tell the sender to stop using the Rich Text Format (RTF) when sending…

Adobe Flash 0-Day listed in the Angler and Magnitude Exploit Kits

It’s no surprise that another vulnerability was found in Adobe Flash. The latest flaw has been branded CVE-2015-3113 and has been added to the ever-growing list of vulnerabilities listed in the Angler and Magnitude exploit kits (both of which are readily available). While Adobe released an update for this exploit last week, that update is dependent on users actually…

Are you a lazy WordPress administrator? Get with the program or stick to Facebook…

The Federal Bureau of Investigation released alert number I-040715a-PSA today, regarding the continuous defacement and exploitation of WordPress sites perpetrated by individuals sympathetic to the Islamic State (ISIL/ISIS). The defacements have affected website operations and communication platforms across the country, as well as internationally. The WordPress CMS (Content Management System) and lazy/uninformed WordPress administrators are the target of choice, as self-hosted…

Do you have any WordPress plugins from SimplyWordpress? If so, you should remove them immediately!