Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

We like attending meetups because we believe that great ideas are created when we share our experience and knowledge. That’s why we decided to organize regularly an IT security meetup in our town, Debrecen. On 24th August, we held our third meetup and we are so happy that the number of the attendees is increasing. […]

As a member of the BitNinja Development Team, one of our most important tasks is to develop the protection of BitNinja. When we deal with such a process we can see how an attack works or how a botnet can exploit a vulnerability. It's almost like watching these events behind the scenes. That's why this […]

Our world would be insecure without bug bounty platforms. We don’t know who we can or cannot trust. If we find a vulnerability in a software as a white hat hacker, we would be afraid to report it to the software owners because we wouldn’t know what their reaction would be. Will they reward or […]

The “Hello, Peppa!” botnet and the /ept/out.php vulnerability were newly discovered attacks by our Attack Vector Miner. But now, it has recognized the reactivation of a forgotten IoT botnet. This botnet exploits the D-Link router DSL-2750B  remote command execution. What does the attack look like?  The discovered pattern is the /login.cgi?cli= as you can see below:  In the case of the D-Link router DSL-2750B firmware 1.01 to 1.03, there’s an option for remote command […]

In a previous article, we’ve discussed the BitNinja safe minimum ruleset for the BitNinja WAF, that consists of 15 rules from the OWASP Core Ruleset, along with 6 rules from the BitNinja rules category. These rules can be safely enabled on the root location pattern on your server. In the BitNinja Ruleset, there are 5 […]

After the “Hello, Peppa!”  zero-day botnet, our Attack Vector Miner detected another zero-day vulnerability.  Some vulnerable websites contain an /ept/out.php file, which can work as an open proxy. That’s why the attacker scans the /ept/out.php file. Let’s see an example:  The number of these attacks started to increase on July 11th, and as we can see in the diagram below, the botnet’s activity is slowing down […]

Our Attack Vector Miner (based on AI) is a very effective tool to identify 0. day attacks. Here comes the first catch! Discovery of a New Botnet At the beginning of July, our Attack Vector Miner created a new cluster, filled with logs about a new type of botnet. We perceived the first incident on […]

In the preceding articles, I’ve talked a lot about the BitNinja safe minimum ruleset template and how you should enable it on your “/” location (or on “*/wp-admin/*” if needed) if you’re hosting mainly WordPress websites. So I’d like to give you a little more explanation about the rules that are part of the safe […]

Content Management Systems (CMS) are highly vulnerable to zero-day attacks recently. Lately, the Drupal was picked on by the hackers. Now the ModX CMS is in the target. CVE-2018-1000207: The new MODX vulnerability Two critical vulnerabilities have been found in MODX Revolution <= 2.6.4 in the past few days. Exploiting it, the hackers can remote […]

Web applications typically use authentication mechanisms to prevent unauthorized users from accessing protected resources. However, attackers often search for weaknesses in these systems, with username enumeration being a common method to identify valid usernames in a system. This article will discuss various ways to identify valid usernames on any WordPress website, along with tips to […]

MySQL is the world's second most widely used relational database management system (RDBMS) and the most widely used open-source RDBMS. Its popularity makes it a target for cybercriminals, leading to numerous brute-force attack tools readily available on the Internet. What is a Brute-Force Attack? A brute-force attack is a method used by attackers to gain […]

SQL Injection is a type of attack aimed at exploiting vulnerabilities in an application's software. Attackers insert malicious SQL code into input fields, which the application executes against its database. This can lead to unauthorized access to sensitive information, data loss, or even complete system compromise. Recent Vulnerability Overview One significant SQL injection vulnerability has […]