Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

Revslider, a widely-used WordPress plugin, has come under scrutiny due to a security vulnerability found in its config.php file. This exposure raises concerns for site owners using vulnerable versions of this plugin. It's crucial to understand the risks associated with this vulnerability and the necessary steps to protect your website. Nature of the Vulnerability The […]

Malware injection remains a significant threat to websites and applications globally. This article discusses what malware injection is, how it occurs, and best practices for prevention. What is Malware Injection? Malware injection is a technique used by cybercriminals to insert malicious code into a legitimate program or a website. This code can exploit vulnerabilities in […]

On 12th May 2017, the biggest cyber attack of recent times has happened and the threat is still present. Started from Europe and within a couple of hours has grown into a worldwide virus. The crisis has been caused by the WannaCry ransomware and its variants. The virus locks the infected computer and informs the users with […]

In this article, we are writing about how to secure automated decryption, based on Nathaniel McCallum’s presentation at DevConf 2017. One thing is certain, the security of our data is one of the most important things in this digital day and age. We always had a plan to protect our data, but as time changes, that […]

In this article, we would like to summarize our recently released developments, which impact the daily life of our clients. First of all, ... TheHTTPS Captcha: If you enable this feature in your agent, BitNinja will be able to present a Captcha on HTTPS. This will make the IP removal from our greylist possible just […]

Hacking has become a huge part of our lives, partly because of popular culture and partly because it can give us some serious headaches when they mess with our beloved computers.  Usually, people see them as either harmful cyber-criminals or as freedom-fighters. But in this article, we are talking about a third group of hackers, […]

A part of our Ninjastic Team participated in WHD Global in Rust, Germany for the second time. We gained a lot of experience, made new friends, learned about the trends of our industry and broadened our customer base. If you want to see the exhibition through the Ninjas' eyes, read on. The WHD staff really […]

This week we released a new version of BitNinja, which contains many significant performance improvements. But what are the changes exactly? We limited the SS usage of our Outbound WAF module. It will only use SS if a malicious request is caught. Its result will be a significant drop in BitNinja's CPU usage. Our SenseLog […]

Last week the Chief Content Manager of HostAdvice, a company who provides transparent and handy advice for those who are looking for Hosting Providers, interviewed our CEO George Egri about the nitty-gritty details of BitNinja. They have covered topics like: Why this product is better than other solutions George's views about the future of security […]

XML-RPC attacks are “trending” nowadays. If you search for “XML-RPC attack” on Google, you can see approximately 380,000 results. Most of the articles deal with XML-RPC attacks on WordPress-based websites. What is XML-RPC? RPC stands for remote procedure call and XML is the abbreviation of Extensible Markup Language. XML is widely used to represent data […]

In this article we will be dealing with OpenShift and Kubernetes technology. You can find some explanations about the terms used at the end of the article. If you want to take the neccessary steps to upgrade your own application, the first thing to do will be turning your pile of code into a container […]

Web applications typically use authentication mechanisms to prevent unauthorized users from accessing protected resources. However, attackers often search for weaknesses in these systems, with username enumeration being a common method to identify valid usernames in a system. This article will discuss various ways to identify valid usernames on any WordPress website, along with tips to […]

MySQL is the world's second most widely used relational database management system (RDBMS) and the most widely used open-source RDBMS. Its popularity makes it a target for cybercriminals, leading to numerous brute-force attack tools readily available on the Internet. What is a Brute-Force Attack? A brute-force attack is a method used by attackers to gain […]

SQL Injection is a type of attack aimed at exploiting vulnerabilities in an application's software. Attackers insert malicious SQL code into input fields, which the application executes against its database. This can lead to unauthorized access to sensitive information, data loss, or even complete system compromise. Recent Vulnerability Overview One significant SQL injection vulnerability has […]