HackDig : Dig high-quality web security articles for hacker

Zero-Day flaws in 3 WordPress Plugins being exploited in the wild

Security experts at Wordfence reported that Zero-Day vulnerabilities in three different WordPress plugins have been exploited in the wild. Zero-day vulnerabilities in several WordPress plugins have been exploited by threat actors in the wild to hack vulnerable websites and deliver backdoors, the alarm was launched by security firm Wordfence. The attackers ha
Publish At:2017-10-04 22:40 | Read:472 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Cybercrime plugin Wordpres

Backdoored Display Widgets Plugin potentially affects 200,000 WordPress installs abusing them to spam content

Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called “Display Widgets” on your WordPress websit
Publish At:2017-09-15 16:40 | Read:547 | Comments:0 | Tags:Breaking News Hacking Cybercrime Display Widgets Pierluigi P

WordPress Plugins could expose online shoppers on Black Friday and Cyber Monday

Black Friday and Cyber Monday are upon us, Checkmarx published a report analyzing the security of some of the top WordPress plugins. The Black Friday and the Cyber Monday are upon us and security experts from Checkmarx are questioning the security of some of the top WordPress e-commerce plugins that are currently used in more than 100,000 commercial websites
Publish At:2016-11-23 20:10 | Read:1473 | Comments:0 | Tags:Breaking News Security Black Friday Cyber Monday Cybercrime

SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search. Information Security Researchers Dimitrios Roussis and Evangelos Apostoloudis have discovered an SQL injection vulnerability in component ja-k2-filter-and-search (https://www.joomlart.com/joomla/extensions/ja-k2-search) of Joomla,
Publish At:2016-10-19 13:35 | Read:1808 | Comments:0 | Tags:Breaking News Hacking CMS ja-k2-filter-and-search Joomla plu

Startup Website Security And WordPress Vulnerability

You, a creative entrepreneur with a great idea, finally launch a business. As a startup, having your own website is essential in conducting business. Startups must always take extra precaution when it comes to their web security. Because startups are the perfect targets for hackers, your website should be protected as soon as it is ready to go live.Compared
Publish At:2016-08-26 09:50 | Read:1489 | Comments:0 | Tags:Cyber Security Featured Articles CryptXXX plugin ransomware

Safari Flash Player Plug-in Blocked Due to Security Bugs

The Apple Product Security team issued a security notice this week, stating that outdated Flash Player plug-ins are being blocked due to vulnerabilities in outdated versions. Apple updated the web plug-in blocking mechanism in Safari browsers to disable all Flash Player versions prior to Flash Player 17.0.0.169 and 13.0.0.281.These updates come after Adobe i
Publish At:2015-04-24 05:20 | Read:1135 | Comments:0 | Tags:Security News CVE-2015-3043 Flash Player plugin Safari

FBI warns of attacks against WordPress-based sites run by ISIS sympathizers

The FBI is warning that individuals sympathetic to the ISIS are running mass-hacking websites exploiting known vulnerabilities in WordPress. The FBI is warning administrators of WordPress websites about the possibility of cyber attacks carried out by sympathizers of the ISIS  terrorist group. Unfortunately, it is quite simple
Publish At:2015-04-10 10:35 | Read:1387 | Comments:0 | Tags:Breaking News Cyber Crime Hacking defacement FBI ISIL ISIS p

Flaw in WP-Super-Cache plugin threatens million of WordPress websites

Million of WordPress websites are vulnerable to cyber attacks due to a critical vulnerability affecting the WP-Super-Cache plugin. Million of WordPress websites using the WP-Super-Cache are exposed to the risk of cyber attack due to a critical vulnerability affecting the popular plugin. The WP-Super-Cache plugin, is normally u
Publish At:2015-04-07 18:25 | Read:1012 | Comments:0 | Tags:Breaking News Hacking plugin Wordpress WP-Super-Cache

More than 1 Million WordPress websites are vulnerable to blind SQL Injection Attacks

A security bug in the WordPress plugin WP-Slimstat could be exploited by attackers to discover a “secret” key and use it to run blind SQL Injections. More than one million WordPress sites are potentially vulnerable to SQL injection attacks due to the presence of a critical flaw in the popular plugin WP-Slimstat. WP-Slimstat is
Publish At:2015-02-26 03:45 | Read:1356 | Comments:0 | Tags:Breaking News Hacking plugin SQL injection Sucuri Wordpress

Exploiting Vulnerabilities in WordPress plugins, a cybercrime trend

A serious vulnerability in the FancyBox WordPress plugin makes it easy for a hacker to compromise any website based on the popular CMS. Last week SecurityWeek reported about another a zero-day flaw found in a WordPress plugin. This time, a new vulnerability found in the popular FancyBox for WordPress plugin could be exploited
Publish At:2015-02-11 17:00 | Read:1552 | Comments:0 | Tags:Hacking CMS Cross-Site Scripting Cybercrime FancyBox Pierlui

Apple Updates Safari Adobe Flash Player Web Plug-in, Disables All Flash Player Versions Prior to 16.0.0.305

Yesterday's Adobe software updates address a recently identified Adobe Flash Player web plug-in vulnerability (CVE-2015-0313) affecting all Flash Player versions prior to 16.0.0.305. In response, Apple has updated the OS X web plug-in blocking mechanism in Safari web browsers, disabling all Adobe Flash Player versions prior to Flash Player 16.0.0.305 and 13.
Publish At:2015-02-06 18:40 | Read:1778 | Comments:0 | Tags:Security News Adobe Flash Player Apple CVE-2015-0313 Flash P

Bogus Mobile-Shortcuts WordPress Plugin Injects SEO Spam

Here at Sucuri we see countless cases of SEO spam where a website is compromised in order to spread pharmaceutical advertisements or backlinks to sites selling luxury goods. Most of the time this involves injecting hundreds of spam links into the site’s database but in this case a deceptive, fake plugin called mobile-shortcuts was able to be a bit more
Publish At:2015-01-30 15:50 | Read:1317 | Comments:0 | Tags:Website Malware Website Security Website Spam WordPress Secu

“To view this content, you need the Tumblr Plugin”

While digging through a number of popular hashtags on Tumblr, we noticed the following page located at dangerouslovedinosaur(dot)tumblr(dot)com Fantastic URL aside, it sports a message which should set a few alarm bells ringing and the URL is being sent around via the following piece of Tumblr message spam: I literally can't believe I just found your blog, l
Publish At:2015-01-21 23:50 | Read:1568 | Comments:0 | Tags:Online Security jar java plugin tumblr

Custom Websites Running HD FLV Player Plugin Vulnerable to Attack

Content management system providers Joomla and WordPress have patched a critical vulnerability in the HD FLV Player, but custom websites running the Flash video player are still vulnerable.Researchers at Sucuri disclosed this week that a separate security issue can be abused to send spam and has yet to be patched.Related PostsResearcher: ‘Lax’ Cr
Publish At:2014-12-12 03:05 | Read:1776 | Comments:0 | Tags:Vulnerabilities Web Security HD FLV Player Joomla plugin Suc

New vulnerability in WordPress security plugin

New vulnerability in WordPress security plugin ThreatPost, the Kaspersky Lab security news service, reported yesterday,A smattering of bugs, mostly cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities, have been plaguing at least eight different WordPress pl
Publish At:2014-09-04 12:30 | Read:1801 | Comments:0 | Tags:News News_vulnerabilities advisory All in One High-Tech Brid

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud