Top

Archive | February, 2017

SQL Injection Vulnerability in NextGEN Gallery for WordPress

A WordPress NextGEN Gallery plugin installed on over one million sites has just fixed a severe SQL injection vulnerability that can allow attackers to steal data from a website’s database. Technical Details Vulnerability can be exploited by attackers in at least two different scenarios: First scenario The first attack scenario can happen if a WordPress […]

Continue Reading

Wordfence Security Plugin

We found new intresting malware that infected WordPress and Wordfence Security plugin. This malware filename is random numeric with php extension. Unlink When it just executed from remote GET Request, it remove itself at first. So it’s difficult know what happened on server and what case infection to WordPress and Wordfence. wp-blog-header.php It modifying WordPress […]

Continue Reading

Magento credit card stealer

Hackers are increasingly exploiting an Downloader with connect install package upload vulnerability to steal payment card information from e-commerce websites that use Magento, the most popular e-commerce platform owned by eBay. Magento Auto Logger & Patcher First this malware script try download patcher.zip If it fail it download PHP Command Shell to remote access from […]

Continue Reading

WAF (Web Application Firewall)

Cloud Web Application Firewalls Cloudflare Cloudflare’s enterprise-class web application firewall protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure. Read more – https://www.cloudflare.com/ AWS WAF AWS WAF is a web application firewall that helps protect your web applications from common […]

Continue Reading

RCE Attempts Against the Latest WordPress API Vulnerability

We are see remote command execution (RCE) attempts trying to exploit the latest WordPress API Vulnerability. The attackers trying to exploit sites that have plugins like the Insert PHP, Exec-PHP and similar installed plugins. These plugins, allow users to insert PHP code directly into the posts as a way to make customizations easier. Coupled with […]

Continue Reading

Content Injection Vulnerability in WordPress 4.7.x API

A new dangerous content injection vulnerability has been discovered in the WordPress CMS, it is a zero-day content injection flaw in the WordPress REST API. A fix for this was silently included on version 4.7.2 along with other less severe issues. Introduction This privilege escalation vulnerability affects the WordPress REST API that was recently added […]

Continue Reading

Silence is golden

Normally Silence is golden is all inside the index file. Just an empty file with no code and a single line comment saying “Silence is golden”. But wait, there exists nothing for no reason, there has got to be some reason for this file being empty ? The answer is security. If this index file […]

Continue Reading