Profile cover photo
Profile photo
oz 2 designs llc
30 followers -
Inbound Digital Marketing Solutions
Inbound Digital Marketing Solutions

30 followers
About
oz 2 designs llc's posts

Post has attachment
There is a vulnerability in WordPress SEO by Yoast. This is a CSRF vulnerability so is harder to exploit because it requires tricking an admin into loading a link from their own website where they're logged in. 

However it's serious enough that we're sending out an alert. Yoast has released a fix, so upgrade immediately. It's worth noting that this is getting a lot of press, so awareness among hackers of this issue is spreading quickly. So please upgrade at your earliest convenience. 
Photo

There is currently a zero day SQL injection vulnerability in the WordPress Video Gallery plugin. Our researchers are seeing exploits in the wild for this and the exploits claim the vendor has been notified on the 9th of February.

The plugin still has not been updated by the vendor. Because this is being exploited actively and the vendor has been notified, we are now publicly disclosing the existence of this vulnerability.

The vulnerability allows an attacker to download all databases that your WordPress system has access to. We have verified this in our lab by exploiting one of our internal systems with the newest version of this plugin installed.

At this time we recommend you disable and remove the plugin code immediately to close the security hole. When the vendor releases a security fix you can consider reinstalling this plugin.

Thank you Google+ for making it easy for me to delete a backup G+ page created by maps! #userfriendly   #Google  

Post has attachment
#Wordpress #Drupal #Joomla  Users Beware of FREE and Poorly developed theme templates!!!

Link to the detailed report. > https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf

The short of it:
Nulled scripts are being used to produce themes for Wordpress, Drupal and Joomla. Nulled scripts are commercial web applications that you can obtain from pirated websites that have been modified to work without a license key. They are the web equivalent of pirated software. 

It’s come to our attention courtesy of Fox-IT that nulled scripts are being distributed via several websites with a sophisticated infection pre-installed. Fox-IT have dubbed it CryptoPHP because of the fact that it encrypts data before it sends it to command and control servers.

The infection is relatively simple: Inside a nulled script there’s a little line of code that looks like this:

<?php include('assets/images/social.png'); ?>

If you’re a PHP developer you will immediately recognize this as looking strange: It is a PHP directive to include an external file containing PHP source code, but the file is actually an image. Inside this image file is actual PHP and the code is obfuscated (hidden through scrambling) to try and hide the fact that it’s malicious.
Photo

Post has shared content
Be A Leader! Join Covenant House Washington on Nov. 20th, 6:30 PM at Freedom Plaza. #homelessyouth  

Post has attachment
Raising the Dead!

Post has shared content

Post has attachment

Post has attachment
Wait while more posts are being loaded