Posts

Showing posts with the label hacking news

Akismet XSS Vulnerability : Wordpress Security Update

Image
A scientist from Sucuri told us of a XSS vulnerability in the Akismet WordPress plugin. This bug influences all versions of the Akismet WordPress plugin since 2.5.0, however we have no confirmation that it has been misused in nature.  A vulnerability in Akismet found a week ago and due to fact that Akismet is a standout amongst the most broadly utilized plugins for WordPress, we needed to draw it out into the open.  Akismet is a comment spam channel for WordPress and when all is said in done, it makes an awesome showing. The Akismet team reported on their web journal a week ago that a cross website scripting (XSS) vulnerability had been found in all versions of Akismet since 2.5.0.  The vulnerability permits an hacker to post a remark on a WordPress site which will execute javascript in the WordPress administrator console. This is a normal XSS vulnerability example and one of the assaults it empowers would permit an aggressor to take a WordPress head's treats an...

Safety first - Microsoft Site Hacked

Image
Nobody is resistant to hacks. It doesn't make a difference on the off chance that you are a small business with 10 employees or an immense business with 10,000 employees. This was proved when the Microsoft site, digitalconstitution .com, was found to contain various spammy pages and links in its website. The site, as per ZDNet , was running an older variant of WordPress which made it helpless to the attack. This ought to likewise serve as a calming suggestion to every one of us.  At the point when was the last time you took a gander at the plugins you were utilizing on your site? What about your themes? Do you truly require every one of them? Are there any simply staying there, not upgraded and incapacitated? A significant number of the adventures and hacks that happen today to WordPress sites are an immediate consequence of outdated themes and plugins. In the event that you are unrealistic to ever utilize that truly perfect slider plugin that you never got around to playing w...

New York City hit with DDoS attacks, government email service knocked out

Image
For the entire of last week, and up until this Monday, unknown hackers had knocked of New York City government's email framework. The attack was really savage, as per a City Hall source, who said that the "universal denial of service attack had now been contained, however there was all the while "ongoing pernicious activity". Pretty much all government agencies, including the FBI and NYPD, were not able to send or get email messages. A few agencies set up interim Gmail accounts so they could keep on working.  DDoS or Hack? It is not known whether New York City government sites were under DDoS attack or were hacked in light of the fact that Albano included that no touchy data or data was bargained amid the attack. He however said that this was a "big attack" yet made light of its impact on New York City taxpayer supported organizations. Remarking on this, Lancope CTO, TK Keanini, said: "Anything associated with the Internet is liable to thi...

Lenovo website hacked, possibly by Lizard Squad

Image
Lenovo's security headaches proceeded with Wednesday as the PC maker's website succumbed to a cyberattack, days after the PC maker apologized for preloading software on some of its PCs that abandons them powerless against malware attacks. Rather than the commonplace prologue to the organization's items, the website showed a message Wednesday evening showing the site was down for maintenance. Users endeavoring to visit the site prior toward the evening were dealt with to a slideshow that prompted a Twitter record condemning Lenovo for its contribution with the adware Superfish. Lenovo did not instantly react to an appeal for input however affirmed the security break in an announcement to the Wall Street Journal . "Sadly, Lenovo has been the casualty of a cyber assault," the organization said. "One impact of this assault was to divert movement from the Lenovo website. We are likewise effectively exploring different parts of the assault. We are reacting and h...

How to bypass WhatsApp's Double Blue Checkmarks : Hacking Tips

Image
As covered in our last article,  Whatsapp did what most are dreading—read messages confirmations once more to the sender. While individuals some are glad about the feature, others are freaking out. Whatsapp has begun sending back read message confirmations over to the reader by issuing blue double tick marks on the message. This shows and affirms that the message has been read/ seen by the user on the other end. Awhile ago, a solitary tick would imply that the message is sent and a double tick implied that the message has been gotten on the phone. Then again, there was no affirmation whether the message was seen by the beneficiary and when. Anyway now there is no getting away as the sender will know whether you saw the message and when. While blue ticks could be incredible for some, it could destroy relationships for some others. This could produce an antagonistic results on Whatsapp users and power them to relocate to other visit applications to evade debates. The last time Wh...

Hacking Of Websites: New Type Of War??

Image
Indeed as gunfire keeps on being exchanged over the Indo-Pak border, an all out hacking and destruction war has emitted in the internet. On Thursday, over twelve Indian and Pakistani sites were mutilated by programmers from either side of the wall. The site of the Press Club of India (PCI) in the capital was hacked and destroyed, with the programmers' message on the site's landing page guaranteeing Pakistani beginning. A programmer gathering calling itself "Indian Hackers Online Squad" hacked and destroyed the site of the Pakistan's fundamental resistance party, Pakistan People's Party (PPP), www.ppp.org.pk on Wednesday, with one "Bl@k Dr@gon" asserting credit. On Thursday, the Pakistan routes site was hacked also, the second time not long from now, with the same name showing up on the ruined page. Reacting to a Wednesday assault on Malayalam movies performer Mohanlal's site, a gathering called "The Mallu troopers" mutilated the site...

Five tips to gurarantee Online Data Security

Image
The late break of nude images of in excess of 100 well-known celebrities online has shaken Hollywood as well as the Silicon Valley. Online service providers are trying their hardest to guarantee security of their cloud offering is moved forward. In any case there are steps you can take to enhance the security of your data on the cloud. While there is no foolproof approach to secure your digital data, and the risk of hacking being true, the accompanying steps will guarantee that at you give the best conceivable protection to your digital data. Strong passwords This is the most effortless thing to do yet most individuals neglect to do it. Passwords made by most clients are decently fundamental — names of family parts or other personal data, and now and again, amazingly nonexclusive passwords (password123, administrator, and so on). Nonexclusive passwords don't require much exertion to break and programmers can result in genuine harm if your password is traded off. The least ...

5 Million Gmail Usernames And Passwords Leaked on Russian Bitcoin Forum

Image
A database containing around 4.93 million usernames (and their login credentials) of Google accounts was posted on a Russian Bitcoin security forum. The client posting the information asserted that around 60% of the logins in the leak were dynamic could be gotten to effectively utilizing the leaked certifications. Google in a statement to the media has, then again, denied that the organization's frameworks were traded off. The .txt file of all leaked gmail usernames was found on Bitcoin security (discussion in Russian), where the leak is accepted to be initially offloaded. The file of leaked emails does not contain any passwords or other touchy data, just full gmail email addresses. As the leak was posted just hours prior, Reddit clients are cautioning one another not to enter any email username or watchword mixes into any sites "to check if your secret word is secure." It shows up tricks are as of now showing up or Reddit clients are getting prepared for the tricks t...