Cybersecurity, hackers, wordpress, imperva & much more…
Chatbots News Monday, June 4
- Critical Security Updates From MacOS, iOS and Safari released by Apple
- E-Commerce Websites Exposed To Hackers Due To Vulnerable WordPress Plugins
- Imperva’s research shows 75% of open Redis servers are infected
- Apple has rolled out security updates for its seven product lines MacOS, iOS, WatchOS, iTunes for Windows, tvOS, iCloud for Windows and Safari.
- Apple hasnt made the changelog public yet for iOS, watchOS and tvOS in an attempt to protect the users and avoid pointing hackers in the direction of where the flaw exists.
- Name and information link – – – Available for – Releasedate – – – – Safari 11.1.1 – OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 – 01 Jun 2018 – – – – iCloud for Windows 7.5 – Windows 7 and later – 01…
- Apple is supposed to announce the details of macOS 10.14, a more major release expected in September, at its Worldwide Developers Conference on June 4.
- The macOS High Sierra 10.13.5 Update improves the stability, performance, and security of your Mac, and is recommended for all users.
@reach2ratan: Critical Security Updates From MacOS, iOS and Safari released by Apple https://t.co/YNzskpBwz7#Cybersecurity… https://t.co/f94ZIOeLlB
- Researchers at ThreatPress, WordPress security firm, confirm that several Multidot WordPress plugins bugs made e-commerce websites vulnerable to hacking.
- Ten WordPress plugins designed for e-commerce websites were disabled as the developers failed to release patches.
- In a blog post on Thursday, ThreatPress highlighted ten different WordPress plugins designed specifically for e-Commerce websites as dangerous.
- According to the researchers, these plugins pose a severe threat to all online business websites powered by WooCommerce and using one of these plugins.
- It is strange that WordPress can show you information about available updates, but still cant protect you by providing the information about closed plugins in the same way.
@reach2ratan: E-Commerce Websites Exposed To #Hackers Due To Vulnerable #WordPress Plugins https://t.co/DKPiGqtKks… https://t.co/I4i1G8arbE
- One of the most common attacks against Redis servers consists ofadding SSH keys, so the attacker can remotely access the machine and take it over.
- The experts used the SSH keys theyve collected through their honeypot to scan Redis servers that were left exposed online for the presence of these keys.
- The experts obtained a list ofover 72,000 Redis serversavailable online by using the shodan query port:6379,over 10,000 of these responded to its scan request without an error, allowing researchers to determine locally installed SSH keys.
- The discovery was disconcerting,over 75% of these Redis servers were using an SSH key associated with a botnet.
- Unsurprisingly, more than two-thirds of the open Redis servers contain malicious keys and three-quarters of the servers contain malicious values, suggesting that the server is infected.
@reach2ratan: #Imperva’s research shows 75% of open Redis servers are infected https://t.co/4hh88KkUfw#CyberSecurity #infosec… https://t.co/Gkj91Sl47U