Hackers are attempting to take over tens of thousands of WordPress sites by exploiting critical vulnerabilities including a zero-day in multiple plugins that allow them to create rogue administrator accounts and to plant backdoors.
Topic: Zero-day Exploits
In an unnerving twist, when a critical zero-day vulnerability was reported in a Unix administration tool, called Webmin, it was revealed the flaw was no accident. According to researchers, the vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery.
A trio of critical zero-day vulnerabilities in WordPress plugins has exposed 160,000 websites to attacks after a security researcher publicly disclosed the flaws before patches were made available.
Dr. Merz is a Senior Research Scientist at the Pacific Northwest National Laboratory (PNNL). She holds a Doctorate and Masters in Computer Science, with a concentration in Information Assurance from Colorado Technical University, and a Bachelor of Science in Information Management from the University of Maryland. Dr. Merz has 17+ years of cybersecurity
Microsoft has unleashed its September Patch Tuesday bug fix bonanza, patching 82 flaws in total. Among the 82 fixes, 26 of which have been rated 'critical', includes a patch for an actively exploited zero-day vulnerability tied to Microsoft's .NET framework.
Apache Struts 2 installations are being targeted - and hacked in large numbers - by attackers who are exploiting a zero-day flaw in the platform to remotely execute code, security researchers warn.