Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

100% server uptime... Every hosting company is dreaming about it as nowadays when there are countless service providers, customers will choose the one which grants reliability. What happens when a website is inaccessible? It’s always painful for the website owner, the visitors and for the hosting company. There could be many reasons behind it, but […]

Time is a limited resource for all IT teams. They must be quick, effective and focused on the right goals. However, when the house is burning - let’s say hackers infected your servers, often you have to throw your projects away and start fire fighting to prevent further damage. But are you? Shouldn’t a server […]

It’s been a while since I wrote the previous episode of my blog series. If you are interested in Remote Code Execution, then I definitely recommend reading the previous part. So, here we are again, the moment has come for my final article about cross-site scripting (XSS). What is Cross-Site Scripting (XSS)? Usually, XSS vulnerability […]

As a server owner, have you ever had an experience where one or more of the websites hosted by you were reported as a phishing website? Another common issue to get blacklisted on different lists or getting abuse reports which inform you that your servers are attacking other nodes. Perhaps this fact that we’re telling you […]

Cybercriminals can easily attempt to break into shared hosting environments to use their resources for different types of attacks. Phishing is one of the most irritating forms, where the provider, the website owner and all of their visitors are affected. These attacks also highlight the responsibility of hosting providers, and that’s why we have just […]

Are you tired of the never-ending malware infections? Would you like to get rid of the nightmare of the long hours spent troubleshooting? Do you still seem to get repeatedly infected regardless of how often you make malware removals? It’s enough of the reactive protection! The old way What would usually happen when a server […]

The social media and the cybersecurity sites were blowing up when Drupal published their latest vulnerability (SA-CORE-2019-003). It’s not a surprise that this remote code execution vulnerability got a highly critical label, as hackers could easily hack your Drupal 8 websites. But BitNinja users shouldn’t have to worry for any minute, as they were protected […]

Do you remember the new version of the Hello Peppa botnet? At the end of 2018, it was welcomed into 2019 slightly early, and the January botnet started to spread. Well, it wouldn’t be funny, if the botnet would still send the „J4nur4ry” in the Post Data when we are already over January… So, here […]

The new year inspired us and brought new vibes to our office. Our tech ninjas are developing several new badass features. Besides the new features, we are also improving our existing modules as well. Last week, the SenseLog module became enriched with 4 new rules and another rule has been updated. Here is a list […]

Web applications typically use authentication mechanisms to prevent unauthorized users from accessing protected resources. However, attackers often search for weaknesses in these systems, with username enumeration being a common method to identify valid usernames in a system. This article will discuss various ways to identify valid usernames on any WordPress website, along with tips to […]

MySQL is the world's second most widely used relational database management system (RDBMS) and the most widely used open-source RDBMS. Its popularity makes it a target for cybercriminals, leading to numerous brute-force attack tools readily available on the Internet. What is a Brute-Force Attack? A brute-force attack is a method used by attackers to gain […]

SQL Injection is a type of attack aimed at exploiting vulnerabilities in an application's software. Attackers insert malicious SQL code into input fields, which the application executes against its database. This can lead to unauthorized access to sensitive information, data loss, or even complete system compromise. Recent Vulnerability Overview One significant SQL injection vulnerability has […]