We have successfully patched a serious vulnerability that affected over a million websites and improved our UX by updating the table on the Console. Thanks to RACK911 Labs' bug report, we fixed several issues.
Let’s see in detail what happened over the last couple of weeks.
BitNinja’s WAF has patched a serious vulnerability within a WordPress plugin named OptinMonster, affecting over 1,000,000 websites.
With a carefully crafted request, an unauthorized party could bypass authentication when calling some endpoints provided by the plugin.
The team has patched it with a WAF rule (Rule ID 406002) that is available for every BitNinja user worldwide, preventing a possible exploit of this vulnerability.
On the Console in the Servers section, you can choose the table view. From now on, you can customize it more easily because:
At BitNinja, our goal is to make the Internet a safer place for everyone, together! To achieve this, it’s essential to have a safe platform. Thanks to RACK911 Labs, who have reported vulnerabilities to our team, we have been able to fix security issues related to our agent, making it safer than ever! We are happy to announce that thanks to the report, we have made the following improvements:
We are looking for your help in protecting and securing our online assets. BitNinja has a Bug Bounty program through Hackrate with monetary rewards. Help us find vulnerabilities and report them according to the defined expectations. You can find the program description here.
To learn more about the new features, visit our Documentation page, check out our Knowledge Base, or write to us directly.
Do you have ideas for new features or suggestions on how we could improve BitNinja? Don’t hesitate to share them with us.
Cybersecurity is not optional anymore. It is a must! If you haven’t tried BitNinja yet, don’t forget to register for the 7-day free trial! No credit card needed!