Wednesday, 21 December 2016

Monday, 12 December 2016

Wordfence Blocks Username Harvesting via the New REST API in WP 4.7

WordPress 4.7 was released 6 days ago, on December 6th. It includes a REST API that will be used by many WordPress plugins, mobile apps, desktop applications, cloud services and even WordPress core in future. Every site that upgrades to WordPress 4.7 has this API enabled by default.

Wednesday, 30 November 2016

Emergency Bulletin: Firefox 0 day in the wild. What to do.

We’re publishing this as an emergency bulletin for our customers and the larger web community. A few hours ago a zero day vulnerability emerged in the Tor browser bundle and the Firefox web browser. Currently it exploits Windows systems with a high success rate and affects Firefox versions 41 to 50 and the current version of the Tor Browser Bundle which contains Firefox 45  ESR.
If you use Firefox, we recommend

Wednesday, 17 August 2016

WP Plugin 404 to 301 - Considered Harmful

Yesterday we received a site cleaning request where one of our customers was seeing spammy links, Payday Loans in this case, injected into their WordPress website page content. The links were only appearing when the site was visited by a search engine crawler. This is common when a site has been hacked.

It turns out that this is not a hacked site. It is content that is injected by a plugin called 404 to 301 plugin which has 70,000 active installs and has a 4.5 star review from 56 reviewers. When you install the plugin it asks you to agree to a long agreement which includes parts of the GNU general public license. But at the end it also includes the following text:

Wednesday, 13 July 2016

New Vulnerability in All in One SEO Pack Plugin 2.3.7 and earlier

Yesterday morning Panagiotis Vagenas, a Wordfence Security Researcher, discovered a new vulnerability in the All in One SEO Pack WordPress plugin. This is in addition to another serious vulnerability we wrote about yesterday morning in the same plugin.
As detailed yesterday, All in One SEO Pack is an extremely popular plugin with over 1,000,000 active installs. Both free and Premium Wordfence users with the firewall enabled had partial protection at the time we discovered this new vulnerability.

Friday, 6 May 2016

Vulnerability in Yoast SEO 3.2.4 for WordPress

The team of Wordfence discovered a vulnerability in Yoast SEO version 3.2.4 and earlier that allows any user with ‘subscriber’ level access to download your Yoast SEO settings. For sites that have open registration, this means that anyone can register and download your Yoast SEO settings by simply creating an account and running the exploit.

Saturday, 30 April 2016

Decentralized social networks

What is Friendica and why should I bother using it?

Friendica is open source software that implements a decentralized social network. It provides a wide range of connectors to other social networks. Connect with friends on, Diaspora, GNU Social, or Twitter. You can import RSS feeds and post to Facebook, Libertree, Wordpress, Tumblr, Google+ pages and more. You can even interact via mail.

Why Friendica?

Saturday, 9 April 2016

Panama Papers: How they hacked!

Email Hackable via WordPress, Docs Hackable via Drupal

The Mossack Fonseca (MF) data breach, aka Panama Papers, is the largest data breach to journalists in history and includes over 4.8 million emails.
Yesterday we broke the story that MF was running WordPress with a vulnerable version of Revolution Slider and the WordPress server was on the same network as their email servers when the breach occurred.

Monday, 14 March 2016

LiFi internet: First real-world usage boasts speed 100 times faster than WiFi

Li-Fi, a super-fast alternative to Wi-Fi, is finally moving from research labs to the real world after an Estonian startup implemented the technology within a commercial context. Velmenni, a recent finalist at the Slush 100 startup competition in Helsinki, revealed that it has begun trialling the technology within offices and industrial environments in Tallinn.

Wednesday, 24 February 2016

WordPress delivered Ransomware and Hacked Linux Distributions

In a rather unfortunate turn of events earlier this month, the Hollywood Presbyterian Medical Center was infected with ransomware. Ransomware, if you’re unfamiliar with it, encrypts everything on your workstation and then tells you to pay an attacker to decrypt your system and regain access to your information.
In the case of Presbyterian, they had to pay 40 bitcoins or the equivalent of $17,000 to regain access to their systems. The ransomware attack affected CT scans, documentation, lab work, pharmacy functions and their email went down. Last week they paid the attacker the $17,000 and their systems were decrypted and they’re back online.

Wednesday, 27 January 2016

Google ending support for 32-Bit Chrome for Linux, Debian 7 and Ubuntu 12.04

Google announced that it will drop support for 32-bit version of Linux, Debian 7 (Wheezy) and Ubuntu 12.04 (Precise).

Users affected will still be able to use Chrome after the axe has fallen, but they will no longer receive any updates. 
In a double-whammy, March will also see Google Chrome stop supporting Ubuntu 12.04 LTS (which will receive critical and security bug fixes from Canonical until mid 2017).

Tuesday, 26 January 2016

WordPress Security: Core XSS and 4 Plugin vulnerabilities

This has certainly been an eventful month in WordPress security. January 6th saw a WordPress core security update. Upgrade immediately to version 4.4.1 of WordPress core if you haven’t already.
The vulnerability that WordPress 4.4.1 fixes is a cross site scripting or XSS vulnerability.