Blog

Thousands of routers are used to hack WordPress based websites
Wordfence specialists found that vulnerable routers are being used to brute-force WordPress-based websites.
Experts noticed something strange last month when the number of cyber-attacks in Algeria jumped suddenly. The country went ...

Still using the SHA-1 function? Security experts recommend you don’t
In late February 2017, Google experts, along with the Dutch Centrum Wiskunde & Informatica (the center of math and informatics), proved that SHA-1 is vulnerable to collision attacks.
In other words, hackers using a SHA-1 hash collision can create a fake ...

GiftGhostBot Botnet has Attacked almost 1000 Websites trying to steal gift cards’ data
Distil Networks researchers reported the appearance of the GiftGhostBot botnet. Specialists say that GiftGhostBot has existed since February 26th, 2017 and that its main goal is gift card fraud.
GiftGhostBot targeted an array of websites that accept gift cards. Most ...

The Number of Hacked Websites Increased by 32% According to Google’s Webmaster Central Blog
According to the Google report on the state of website security in 2016 (https://webmasters.googleblog.com/2017/03/nohacked-year-in-review.html?m=1), there was a significant increase in the number of compromised websites.
Regrettably, the Internet did not become a safer place in the past year compared to 2015. In ...

Security breach in a WordPress Plugin «Wordfence Security» (Part II)
Following the simulated situation we discussed in our previous article, one of our clients ran into a similar problem.
A couple of days ago our client, when attempting to upload a file, received the following error message:
The ...

Security Breach in a WordPress Plugin «Wordfence Security» (Part I)
A short side note: This article was written after we shared the breach with the developers of the plugin and received a response from them (the quoted response is in part II ...

A Dangerous Local Vulnerability is Found in Systemd 228
A dangerous local vulnerability has been found in systemd 228 that allows an unprivileged attacker to run code as superuser.
As stated by security researcher Sebastian Krahmer, the problem previously found in systemd can be exploited not only for Linux distribution ...

Vulnerability in Nginx allows for root privileges in the system
Attackers are able to escalate their privileges and compromise the system as a result
Security researcher Dawid Golunski states that a vulnerability in nginx (CVE-2016-1247) allows local attackers to obtain root privileges in the system.
Intruders who have managed to compromise an ...

Malefactors Use KillDisk for Attacks on Linux Systems
New KillDisk capabilities allow the malware to be controlled through a C&C server and used as crypto ransomware
ESET researchers have discovered a new variant of the KillDisk malware designed for attacks on Linux systems.
KillDisk is a destructive ...

The Mirai botnet has a powerful competitor now
The new Leet botnet was used in the DDoS attack on the infrastructure of the Imperva Incapsula company
Imperva Incapsula’s analysts have recorded a DDoS attack on the company’s infrastructure, which can lay claim to being the most powerful ones ...

Critical Vulnerability in PHPMailer library found
The flaw allows remote code execution in the context of the web server and compromise of the web application.
Polish security researcher Dawid Golunski from Legal Hackers has found a critical hole in one of the most popular open source ...

Google releases new tools to prevent XSS-attacks
Google has released new tools and related documentation to help developers reduce the risk of XSS attacks using the Content Security Policy (CSP) standard. XSS vulnerabilities continue to affect many web applications, including those developed by large companies.
In the past ...

Unidentified hackers compromised ethereum.org forum’s database
On December 19, 2016, a notice appeared on the Ethereum Project’s official blog, warning that the ethereum.org forum had been compromised by unknown attackers.
The administration learned about the data leak on December 16, 2016. The first results of the investigation showed the following ...