Security News

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "Dozens of known vulnerabilities" to target widely-used content management systems. The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botnet via brute force attacks and installation of backdoors.

Security researchers believe that compromised credentials were used by hackers to access the content management system behind Donald Trump's campaign website. According to WordPress security solutions provider Defiant, which develops the Wordfence product, the hackers most likely used compromised credentials for access, supposedly targeting the underlying Expression Engine content management system, which is an alternative to WordPress.

In this article, we'll take a look at security vulnerabilities in the context of CMS platforms and the implications of SQL injection attacks on your website. Web app attacks, which are commonly executed via SQL injection, are down from last year but have been trending dangerously upward since February, with 2.1 million attacks rising steadily to 4.9 million attacks in June.

A remote code execution vulnerability addressed recently in Concrete5 exposed numerous websites to attacks, Edgescan reports. What Edgescan discovered was an RCE flaw in Concrete5 that could have allowed an attacker to inject a reverse shell into vulnerable web servers, thus taking full control of them.

Researchers have identified more than 30 vulnerabilities across 20 popular content management systems, including Microsoft SharePoint and Atlassian Confluence. "In the most simple attack scenario, the attacker has access to the target CMS applications such as regular Sharepoint users being able to create their own sites and therefore being able to provide their own templates," Muñoz explained.

The influence campaign does not merely spread false news content on social media platforms such as Twitter and Facebook, as other disinformation campaigns have done. "We have dubbed this campaign 'Ghostwriter,' based on its use of inauthentic personas posing as locals, journalists, and analysts within the target countries to post articles and op-eds referencing the fabrications as source material to a core set of third-party websites that publish user-generated content," according to FireEye researchers in a Thursday analysis.

If you haven't recently updated your Drupal-based blog or business website to the latest available versions, it's the time. Drupal development team yesterday released important security updates...

A group of researchers has discovered that many of the web's most popular content management systems are using obsolete algorithms to protect their users' passwords.

Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers...

CMS Project Team Patches "Highly Critical" Remote Code Execution VulnerabilityPatch alert: Some versions of the popular content management system Drupal have a "highly critical" flaw that...