Antal angreb på WordPress-websites via sårbarheden Social Warfare kritisk voksede

Angreb på WordPress sites passerer som en lavine, advarer eksperter fra Palo Alto Networks.

jegt is possible due to vulnerable plugin Social Warfare that now threatens nearly 40 000 hjemmesider.

Social Warfare indeholder XSS-sårbarhed, der også kan føre til fjernkørsel udfører.

“An attacker can use these vulnerabilities to run arbitrary PHP code and control the website and the server without authentication. The attackers may use the compromised sites to perform digital coin mining or host malicious exploit code,” – Palo Alto researchers wrote.

If intruders manage to gain control over attacked website, they inbuilt scripts of cryptocurrency mining to earn on visitors.

Also are common cases of malware advertising and usage of hacked website as a part of botnet.

Experts from Palo Alto Networks remind about availability of relevant patch that fixes CVE-2019-9978 vulnerability.

uheldigvis, owners of many resources still did not acknowledge that situation is serious and continue to ignore recommended update.

I marts 2019, Social Warfare was removed from official library. This plugin allows WordPress-websites owners add on their resources bottoms of social networks that enable sharing materials on other platforms.

Kilde: www.scmagazine.com

Om Trojan Killer

Carry Trojan Killer Portable på din memory stick. Vær sikker på, at du er i stand til at hjælpe din pc modstå eventuelle cyber trusler, hvor du går.

Tjek også

MageCart på Heroku Cloud Platform

Forskere har fundet flere MageCart Web Forplove On Heroku Cloud Platform

Forskere ved Malwarebytes rapporteret om at finde flere MageCart web skummere på Heroku cloud-platform …

Android Spyware CallerSpy

CallerSpy spyware masker som en Android chat applikation

Trend Micro eksperter opdagede malware CallerSpy, hvilke masker som en Android chat program og, …

Skriv et svar