Posts

Showing posts with the label cyber attack

SQL injection vulnerability in WooCommerce : Wordfence

Image
Yesterday Matt Barry, researchers at Wordfence discovered a SQL injection vulnerability in WooCommerce version 2.3.5 and more established amid a code review of the plugin storehouse. WooCommerce is introduced on more than 1 million active WordPress websites . Wordfence has quickly reached Woo about the issue and they've been unimaginably responsive, discharging a fix early today with their arrival of WooCommerce version 2.3.6. We emphatically recommend you instantly upgrade on the off chance that you have not as of now. The particular issue is a SQL injection weakness in the administrator board. Inside the Tax Settings page of WooCommerce, the key of the "tax_rate_country" POST parameter is passed unescaped into a SQL insert articulation. For instance, a payload of tax_rate_country[(SELECT SLEEP(10))] would result in the MySQL server to rest for 10 seconds. Since this helplessness requires either a Shop Manager or Admin client account, it would need to be consolida

Lenovo website hacked, possibly by Lizard Squad

Image
Lenovo's security headaches proceeded with Wednesday as the PC maker's website succumbed to a cyberattack, days after the PC maker apologized for preloading software on some of its PCs that abandons them powerless against malware attacks. Rather than the commonplace prologue to the organization's items, the website showed a message Wednesday evening showing the site was down for maintenance. Users endeavoring to visit the site prior toward the evening were dealt with to a slideshow that prompted a Twitter record condemning Lenovo for its contribution with the adware Superfish. Lenovo did not instantly react to an appeal for input however affirmed the security break in an announcement to the Wall Street Journal . "Sadly, Lenovo has been the casualty of a cyber assault," the organization said. "One impact of this assault was to divert movement from the Lenovo website. We are likewise effectively exploring different parts of the assault. We are reacting and h