Tag Archives: wordpress

A surge of sites and apps are exhausting your CPU to mine cryptocurrency

By Dan Goodin

Enlarge / A cryptocurrency mining farm. (credit: Marco Krohn)

The Internet is awash with covert crypto currency miners that bog down computers and even smartphones with computationally intensive math problems called by hacked or ethically questionable sites.

The latest examples came on Monday with the revelation from antivirus provider Trend Micro that at least two Android apps with as many as 50,000 downloads from Google Play were recently caught putting crypto miners inside a hidden browser window. The miners caused phones running the apps to run JavaScript hosted on Coinhive.com, a site that harnesses the CPUs of millions of PCs to mine the Monero crypto currency. In turn, Coinhive gives participating sites a tiny cut of the relatively small proceeds. Google has since removed the apps, which were known as Recitiamo Santo Rosario Free and SafetyNet Wireless App.

Last week, researchers from security firm Sucuri warned that at least 500 websites running the WordPress content management system alone had been hacked to run the Coinhive mining scripts. Sucuri said other Web platforms—including Magento, Joomla, and Drupal—are also being hacked in large numbers to run the Coinhive programming interface.

Read 4 remaining paragraphs | Comments

Source:: Ars Tecnica


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Researchers find “severe” flaw in WordPress plugin with 1 million installs

By Dan Goodin

More than 1 million websites running the WordPress content management system may be vulnerable to hacks that allow visitors to snatch password data and secret keys out of databases, at least under certain conditions.

The vulnerability stems from a “severe” SQL injection bug in NextGEN Gallery, a WordPress plugin with more than 1 million installations. Until the flaw was recently fixed, NextGEN Gallery allowed input from untrusted visitors to be included in WordPress-prepared SQL queries. Under certain conditions, attackers can exploit the weakness to pipe powerful commands to a Web server’s backend database.

“This is quite a critical issue,” Slavco Mihajloski, a researcher with Web security firm Sucuri, wrote in a blog post published Monday. “If you’re using a vulnerable version of this plugin, update as soon as possible.”

Read 5 remaining paragraphs | Comments

Source:: Ars Tecnica

No worries here, not running that plugin.

Tim


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Virally growing attacks on unpatched WordPress sites affects ~2m pages

By Dan Goodin

Enlarge (credit: Wordfence)

Attacks on websites running an outdated version of WordPress are increasing at a viral rate. Almost 2 million pages have been defaced since a serious vulnerability in the content management system came to light nine days ago. The figure represents a 26 percent spike in the past 24 hours.

A rogues’ gallery of sites have been hit by the defacements. They include conservative commentator Glenn Beck’s glennbeck.com, Linux distributor Suse’s news.opensuse.org, the US Department of Energy-supported jcesr.org, the Utah Office of Tourism’s travel.utah.gov, and many more. At least 19 separate campaigns are participating and, in many cases, competing against each other in the defacements. Virtually all of the vandalism is being carried out by exploiting a severe vulnerability WordPress fixed in WordPress version 4.7.2, which was released on January 26. In an attempt to curb attacks before automatic updates installed the patch, the severity of the bug—which resides in a programming interface known as REST—wasn’t disclosed until February 1.

Read 4 remaining paragraphs | Comments

Source:: Ars Tecnica

Note: Looks like we are okay here. We use the automatic updates and are usually bleeding edge. That of course is never a reason to not be vigilant…

Tim


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

Do You Think Your Site Is Secure? The Odds Are You Are Wrong

The Internet is still the Wild West!

Sure you have lots of firewalls, IP-Blocks and all sorts of other good security measures on your web server.

I have the same stuff and nothing here even worth hacking, but if you click the image a the top of this article you will see an average day here…

Yep, this is a short post, but if you have a WordPress powered web site, install some security! I am using the Shield plugin, plus a few others.

That is all,

Tim


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!

So to properly test out the Dragon Touch X10 I installed a server app and WordPress. It works!

Screenshot_2015-11-14-14-13-24
Click to see full size!

So in my never ending quest to find out something that my Dragon Touch X10 tablet can’t do, I decided to throw a web server app on it today.

I can happily report that the KSWeb app and WordPress work just dandy on this tablet (which I am writing this post on using it in LogiTab configuration). The screenshot at the top of this article is the site I set up, strictly for loca testing, of course….

Below you wil find a short video that I screen captured (a very nice built in feauture on the Dragon Touch slate).

 

Tim


Follow Tim on Twitter @tl1000rzx2
Or check out my other Tablet Site: THE Tablet Test Server
Or you could get your own free WordPress site for free right now, here.
Shop Our Sponsor


Shop Our Sponsor


HP Laptops at Super Low Prices!