TECHNOBABBLE

TECHNOLOGY | SECURITY | NEWS

Tag: Vulnerability

Is your home router being used to attack WordPress sites?

Last week the good folks at Wordfence noticed something very interesting while compiling their monthly attack report. Algeria had raced from 60th place in their “Top Attacking Countries” list, to 24th place. That is obviously a huge jump in a very short time. Upon closer review, they realized that more than 10,000 IP addresses originating in Algeria were attacking WordPress…

More than 100,000 WordPress sites hacked via REST API zero-day

WordPress was updated on January 26th to patch three separate security vulnerabilities. At the time, the folks at WordPress advised that you should update immediately which is fairly normal (and recommended). What you may not know, is that a fourth vulnerability was kept private for several weeks. Why wasn’t it publicized? Security through obscurity. An unauthenticated privilege escalation vulnerability was found in a…

Adobe Flash 0-Day listed in the Angler and Magnitude Exploit Kits

It’s no surprise that another vulnerability was found in Adobe Flash. The latest flaw has been branded CVE-2015-3113 and has been added to the ever growing list of vulnerabilities listed in the Angler and Magnitude exploit kits (both of which are readily available). While Adobe released an update for this exploit last week, that update is dependent on users actually…

Are you a lazy WordPress administrator? Get with the program or stick to Facebook…

The Federal Bureau of Investigation released alert number I-040715a-PSA today, regarding the continuous defacement and exploitation of WordPress sites perpetrated by individuals sympathetic to the Islamic State (ISIL/ISIS). The defacements have affected website operations and communication platforms across the country, as well as internationally. The WordPress CMS (Content Management System) and lazy/uninformed WordPress administrators are the target of choice, as self-hosted…

Apple patches bash Shellshock vulnerability in OS X

Apple has just released an update for OS X, patching the bash Shellshock vulnerability for those potentially effected by the bug. You can download the update immediately from the Apple support site, though it does not show up in automatic updates. OS X bash Update 1.0 – OS X Mavericks http://support.apple.com/kb/DL1769 This update fixes a security flaw in the bash…

How to determine if you’re vulnerable to the Shellshock / Bashdoor Bug

The Shellshock bug, though recently discovered, is a security vulnerability that has been present in Bash for two decades and primarily effects Linux/Unix/Mac users – not Windows users. An attacker leveraging this exploit could potentially execute commands remotely. The Shellshock vulnerability was discovered on September 12th, 2014 Stéphane Chazelas. How can you ensure that your system is not vulnerable? First, check which version of Bash…

Critical WordPress update released to patch unauthenticated privilege escalation REST API vulnerability... Would you like to know more?
+