Vulnerability threat to WordPress core
Top cyber security experts have talked of an impending vulnerability that could put WordPress in a fix and unless the renowned content management system releases a patch to counter it a serious consequences is in the offing.
In a recent disclosure, the experts claimed to have got wind of the vulnerability in November last year forcing them to write to the WordPress authority and suggested a patch to negate the possibility of a mess in the system.
But the things refused to progress. Those doing research on it claimed to have found out the bug in question in PHP where images uploaded on the WordPress site is deleted.
Thus, the attackers could takes the rein of the content management system of the WordPress.
According to what they say, the cyber criminals can attack the system deploying a malicious code in a WordPress owned site and as a result, the WordPress core containing crucial data and files would be deleted.
Only the bug could be exploited by the users with the ability to get a post created with images.
This is what the mechanism to minimise the impact of the vulnerability, say the researchers.
In doing so, even if somebody attempts to attack registering an user account in a site, he or she could cash in on the vulnerability before hijacking a site.
Hijacking site is not impossible since vulnerability is there for the attackers who would delete the config file of a site.
Usually, the attackers then would install the file and the site afresh. But this time they would use the database settings of their own.
The researchers are, more or less, agree that the vulnerability in question would leave the WordPress CMS versions affected along with v4.9.6, the updated WordPress version.
The WordPress team members are tightlipped on the issue even six months after they received the sets of suggestion to deploy a patch. But they never denied the authenticity of the findings.
The vulnerability, it is said, has little chance to be exploited in a big way since there is no author level account on a WordPress-owned site.
The team of researchers has released a hotfix, which indeed, is a PHP code for those who own sites to enable them to add it to the .php file to remain unharmed.
Related Posts:
How-To Tell If Your iPhone is original or Refurbished/fakeHow-To Tell If Your iPhone is original or Refurbished/fakeBuying a new or used iPhone? Wondering how reliable are refurbished iPhones? Here’s how you can tell the origin of the iPhone. The model number of the device is handy … Read More- How To Restore Deleted or lost files Files On Any DeviceHow To Restore Deleted Files On Any DeviceFew tech disasters can send your stomach into free fall quite like realizing you’ve deleted something important from your laptop or phone, with no obvious way to bring it back. Luckil… Read More
- How To Identify Fake Android Phones and Avoid Buying (basic tips)How To Identify Fake Android Phones and Avoid Buying (basic tips)Android phones have for some time now captured a large chunk of the phone market. It is understandable since others are wither mostly more expensive or with few… Read More
A new botnet was recently detected in a live environment for an unnamed client of Deep Instinct, a security firm. Newly uncovered complex MyloBot Botnet incorporates different malicious techniques and ability to shut down the Windows Defender and Windows Updates. It displays a never-before-seen level of complexity in terms of the sheer breadth of its various tools, especially evasion techniques that use three different layers. Malware is a huge problem for computer users today as the threat posed by malicious software continues to increase. Basically, botnet does many things such as DDoS attacks, steal data, and even installation ransomware based on the payload. Malware authors employed various advanced techniques to evade detection and prevent itself from Antivirus software. According to an analysis posted on Tuesday by Tom Nipravsky, a security researcher for Deep Instinct, Mylobot’s bag of tricks is bursting at the seams. These include anti-VM, anti-sandbox and anti-debugging techniques; wrapping internal parts with an encrypted resource file; code injection; process hollowing (where an attacker creates a new process in a suspended state, and replaces its image with the one that is to be hidden); reflective EXE, which involves executing EXE files directly from memory, without having them on disk; and, it also has a delaying mechanism of 14 days before accessing its C&C servers. “The structure of the code itself is very complex – it’s a multi-threaded malware where each thread is in charge of implementing different capability of the malware,” Nipravsky told Threatpost in an email interview. “The malware contains three layers of files, nested on each other, where each layer is in charge of executing the next one. The last layer is using [the Reflective EXE] technique.” One of the things Mylobot does is to terminate and delete instances of other malware on infected machines. It searches for specific folders that other botnets use and deletes them. Deep Instinct believes Mylobot deletes other malware to infect more computers and make more money for the person or persons operating the botnet. get the latest hacking gist hereA new botnet was recently detected in a live environment for an unnamed client of Deep Instinct, a security firm. Newly uncovered complex MyloBot Botnet incorporates different malicious techniques and ability to shut down the… Read More- How To Download From The US iTunes If You Are Not In The USHow To Download From The US iTunes If You Are Not In The USSometimes when an app is developed and released, the company behind it forgets that there is a world outside the United States and releases it to the US iTunes store … Read More
June 29, 2018
0 comments:
Post a Comment