Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Own a WordPress Website? ISIS is After You FBI warns


  • Please log in to reply
No replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,732 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:05:56 AM

Posted 09 April 2015 - 04:42 PM

 

If you run a self-hosted WordPress website, then you must Beware:
 
"ISIS is after you."
 
Yes, you heard right. The United States Federal Bureau of Investigation (FBI) is warning WordPress users to patch vulnerable plugins for the popular content management system before ISIS exploit them to display pro-ISIS messages.
 
According to the FBI, ISIS sympathizers are targeting WordPress sites and the communication platforms of commercial entities, news organizations, federal/state/local governments, religious institutions, foreign governments, and a number of other domestic and international websites.
 
 

Targets seem to be random: They are not linked to particular name or business.
 
The attackers are sympathizers and supporters of ISIS (also known as ISIL), not actual members of the terrorist organization. They are mostly unskilled people and are not doing much hard work — Just leveraging known WordPress plugin flaws in commonly available hacking tools.
 
These vulnerabilities have already been fixed by WordPress developers, but individual Website owners have failed to install the patches.
 
Want to know the best part?
 
The software patches for these identified WordPress vulnerabilities are available. So in order to avoid an attack on your website is pretty simple — Just update your WordPress installation and its plugins now.
 
Most of these flaws allow hackers to gain unauthorized access, inject scripts, bypass security restrictions, and steal cookies from PCs or network servers. This lets a malicious actor install malware, tamper with data or creates new accounts with full user privileges for affected websites.

 

 

 

Own a WordPress Website? ISIS is After You — FBI warns

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users