Attacks On WordPress Sites Intensify As Hackers Deface Over 1.5 Million Pages

An anonymous reader writes: “Attacks on WordPress sites using a vulnerability in the REST API, patched in WordPress version 4.7.2, have intensified over the past two days, as attackers have now defaced over 1.5 million pages, spread across 39,000 unique domains,” reports BleepingComputer. “Initial attacks using the WordPress REST API flaw were reported on Monday by web security firm Sucuri, who said four groups of attackers defaced over 67,000 pages. The number grew to over 100,000 pages the next day, but according to a report from fellow web security firm WordFence, these numbers have skyrocketed today to over 1.5 million pages, as there are now 20 hacking groups involved in a defacement turf war.” Making matters worse, over the weekend Google’s Search Console service, formerly known as Google Webmaster Tools, was sending out security alerts to people it shouldn’t. Google attempted to send security alerts to all WordPress 4.7.0 and 4.7.1 website owners (vulnerable to the REST API flaw), but some emails reached WordPress 4.7.2 owners. Some of those owners misinterpreted the email and panicked, fearing their site might lose search engine ranking. Read more of this story at Slashdot.

It’s shockingly easy to hijack a Samsung SmartCam camera

Smart cameras marketed under the Samsung brand name are vulnerable to attacks that allow hackers to gain full control, a status that allows the viewing of what are supposed to be private video feeds, researchers said. The remote code-execution vulnerability has been confirmed in the Samsung SmartCam SNH-1011, but the researchers said they suspect other models in the same product line are also susceptible. The flaw allows attackers to inject commands into a Web interface built into the devices. The bug resides in PHP code responsible for updating a video monitoring system known as iWatch. It stems from the failure to properly filter malicious input included in the name of uploaded files. As a result, attackers who know the IP address of a vulnerable camera can exploit the vulnerability to inject commands that are executed with unfettered root privileges. “The iWatch Install.php vulnerability can be exploited by crafting a special filename which is then stored within a tar command passed to a php system() call,” the researchers wrote in a blog post published to the Exploitee.rs website. “Because the webserver runs as root, the filename is user supplied, and the input is used without sanitization, we are able to inject our own commands within to achieve root remote command execution.”
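The injection pattern the researchers describe, as an added example that is not code from the Exploitee.rs write-up or from Samsung's firmware: the vulnerable way of splicing an uploaded file's name into a shell command beside a hardened version that allow-lists the name and quotes it. The directory paths, function names and the two sample filenames are assumptions made for illustration.

```php
<?php
// Added example (not the Exploitee.rs write-up's or Samsung's code): the
// injection pattern described above, next to a hardened version. Paths,
// function names and the sample filenames are invented for illustration.

// VULNERABLE: the uploaded file's name is spliced into a shell command string
// that reaches system(). Everything after a ';' in the name is a second command,
// run with the webserver's privileges (root on the camera).
function build_tar_command_vulnerable($uploadDir, $filename)
{
    return "tar -xzf " . $uploadDir . "/" . $filename . " -C /tmp/iwatch";
}

// HARDENED: allow-list the name first, then quote it for the shell.
function build_tar_command_hardened($uploadDir, $filename)
{
    // basename() strips directory components, so a name such as
    // "../../etc/x.tar.gz" fails the comparison. The regex then rejects shell
    // metacharacters, whitespace, dotfiles and a leading '-' (which GNU tar
    // would otherwise parse as an option, e.g. --checkpoint-action=exec=...).
    if (basename($filename) !== $filename
        || !preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]{0,63}\.tar\.gz$/', $filename)) {
        return null;   // reject; the caller must fail closed
    }
    // escapeshellarg() is the second layer: one single-quoted, shell-safe argument.
    return "tar -xzf " . escapeshellarg($uploadDir . "/" . $filename) . " -C /tmp/iwatch";
}

// Constructed inputs: a normal upload and an attacker-chosen filename.
$benign  = "fw-update-1.2.3.tar.gz";
$hostile = "fw.tar.gz; id > /tmp/pwned #";

// Only the command strings are printed; nothing here is passed to system().
echo "vulnerable: ", build_tar_command_vulnerable("/var/upload", $hostile), "\n";
echo "hardened:   ", var_export(build_tar_command_hardened("/var/upload", $hostile), true), "\n";
echo "hardened:   ", build_tar_command_hardened("/var/upload", $benign), "\n";

// Even with the input fixed, the extraction should not run as root: drop to an
// unprivileged user so a bug in tar itself cannot become full device compromise.
```

The allow-list is the primary control; escapeshellarg() alone would still let a name beginning with "-" reach tar as an option, which is why the regex forces an alphanumeric first character.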

Facebook was the victim of a backdoor hack

Even a tech giant like Facebook isn’t immune to significant security breaches. Devcore’s Orange Tsai recently discovered that someone had installed a backdoor on one of Facebook’s corporate servers (that is, not the social network itself) in a bid to swipe workers’ login details. While it’s not clear how successful the script-based exploit was, Tsai noted that the file transfer app hosted on the server had several vulnerabilities that effectively gave any intruder free rein. The attacker could have checked employee email, for instance, or even connected to Facebook’s virtual private network to get access to the company’s inner workings. Thankfully, this is all past tense. You’re only hearing about this now because Tsai reported the bugs to Facebook (to get a bounty, naturally), and waited until the firm completed its investigation before disclosing the flaws. That backdoor isn’t there anymore, folks. All the same, the incident is bound to humble Facebook a bit: it’s proof that the company is a prime target for hackers, and that it can’t assume it’s always on top of every possible security flaw. Via: Hacker News. Source: Devcore.

Botnets running on CCTVs and NASs

Researchers at Incapsula have discovered a botnet that runs on compromised CCTV cameras. There are hundreds of millions, if not billions, of these in the field, and like many Internet of Things devices, their security is an afterthought and not fit for purpose.

Astounding showpiece table full of hidden compartments nested in hidden compartments

Custom furniture maker Craig Thibodeau created this showpiece “Automaton Table” to illustrate all the different ways that he can hide secret compartments in the pieces he builds.

PHP 5.6.0 Released

An anonymous reader writes “The PHP team has announced the release of PHP 5.6.0. New features include constant scalar expressions, exponentiation using the ** operator, function and constant importing with the use keyword, support for file uploads larger than 2 GB, and phpdbg as an interactive integrated debugger SAPI. The team also notes important changes affecting compatibility. For example: “Array keys won’t be overwritten when defining an array as a property of a class via an array literal,” json_decode() is now more strict at parsing JSON syntax, and GMP resources are now objects. Here is the migration guide, the full change log, and the downloads page.” Read more of this story at Slashdot.
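As an added example that is not part of the announcement or of the PHP project's own documentation, the script below exercises the 5.6 features listed above (constant scalar expressions, the ** operator, use function and use const imports, and the property-array key change) and shows the json_decode() strictness change a validating caller has to handle explicitly. The Iwatch\Util namespace and every function and constant name in it are invented for illustration.

```php
<?php
// Added example, not from the PHP 5.6 announcement or manual. The namespace,
// function and constant names below are invented for illustration.
namespace Iwatch\Util;

// Constant scalar expressions: constants may now be computed from other constants.
const KIB = 1024;
const TWO_GIB = 2 * KIB * KIB * KIB;

// The new ** exponentiation operator.
function pow2($exp)
{
    return 2 ** $exp;
}

// json_decode() is stricter in 5.6: non-lowercase literals such as TRUE are
// rejected and NULL is returned. Because the bare literal "null" is also valid
// JSON, a NULL return must be disambiguated through json_last_error(); otherwise
// a parse failure is silently treated as the value null.
function decode_json_strict($json)
{
    $value = json_decode($json, true);
    if ($value === null && json_last_error() !== JSON_ERROR_NONE) {
        throw new \InvalidArgumentException('invalid JSON: ' . json_last_error_msg());
    }
    return $value;
}

namespace Demo;

use function Iwatch\Util\pow2;              // function import, new in 5.6
use function Iwatch\Util\decode_json_strict;
use const Iwatch\Util\TWO_GIB;               // constant import, new in 5.6

class Levels
{
    const ONE = 1;
    // A property default mixing an explicit constant key with implicit keys.
    // 5.6 keeps all three elements under keys 1, 2 and 3; per the migration
    // guide, 5.5 could silently overwrite the explicitly keyed element.
    public $names = [self::ONE => 'low', 'medium', 'high'];
}

var_dump(pow2(31) === TWO_GIB);
var_dump((new Levels)->names);

// Constructed inputs: valid JSON, a literal that 5.6 rejects, and the bare
// literal null, which is valid JSON and must not be mistaken for a failure.
foreach (['{"ok": true}', '{"ok": TRUE}', 'null'] as $input) {
    try {
        var_dump(decode_json_strict($input));
    } catch (\InvalidArgumentException $e) {
        echo $input, ' => ', $e->getMessage(), "\n";
    }
}
```

The json_last_error() check is the part worth copying: code that only tests for a NULL return either rejects legitimate null documents or, worse, accepts malformed input as null and carries on.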

New Mayhem Malware Targets Linux and UNIX-Like Servers

Bismillah writes: Russian security researchers have spotted a new malware named Mayhem that has spread to 1,400 or so Linux and FreeBSD servers around the world, and continues to look for new machines to infect. And, it doesn’t need root to operate. “The malware can have different functionality depending on the type of plug-in downloaded to it by the botmaster in control, and stashed away in a hidden file system on the compromised server. Some of the plug-ins provide brute force cracking of password functionality, while others crawl web pages to scrape information. According to the researchers, Mayhem appears to be the continuation of the Fort Disco brute-force password cracking attack campaign that began in May 2013.” Read more of this story at Slashdot.

PHP 5.5.0 Released

New submitter irventu writes “The long-awaited PHP 5.5.0 has finally been released, bringing many new features and integrating Zend’s recently open-sourced OPcache. With the new Laravel PHP framework winning RoR and CodeIgniter converts by the thousands, and Google recently announcing support for PHP in its App Engine, the current PHP renaissance is well underway. This is great news for the web’s most popular scripting language.” The full list of new features is available at the Change Log, and the source code is at the download page. Read more of this story at Slashdot.

How to Build Your Own Syncing RSS Reader with Tiny Tiny RSS and Kick Google Reader to the Curb

Yes, Google Reader is going away, and yes, there are great alternatives. However, if you’re tired of web services shutting down on you, why not take matters into your own hands? Tiny Tiny RSS is a free, open-source syncing RSS platform with more features than Google Reader ever had, and it can’t get shut down. Here’s how to install it and set it up.
