Profile cover photo
Profile photo
Joshua Bell
234 followers -
Lost in translation...
Lost in translation...

234 followers
About
Joshua's posts

Post has shared content

Post has shared content

Post has shared content
Apparently, Wordpress 4.7.2 contained a fix to a very severe issue that could allow an attacker to easily change any post on the site.

The issue had a delayed disclosure so that people had a chance to update first, and because of the delay, I only found out about it today, even though the delayed disclosure happened on Feb 1.

I've updated both +Android Police and +APK Mirror the same day the updates came out, so they were not vulnerable, but my old blog was still on 4.7.1 until today. And yeah, it got hacked, apparently 3 days ago, though I only noticed today. All they did was change the latest post to:
Hacked By MuhmadEmad
HaCkeD by MuhmadEmad HaCkeD By MuhmadEmad Long Live to peshmarga KurDish HaCk3rS WaS Here kurdlinux007@gmail.com FUCK ISIS !

And added an image. As far as hack outcomes go, this one was, thankfully, as innocent as they get.

Oddly, even though +Cloudflare had enabled a WAF rule to block the attack, the site got hacked anyway, and I'm currently trying to figure out how (they could have known the server's IP and just bypassed CF or something).

I also saw Samsung's blog got hacked yesterday, and now I am pretty sure this was the reason as well.

Scary stuff. So yeah, if you are running anything but the latest version of WordPress, UPDATE IT NOW.



As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While working on WordPress, we discovered a severe content injection (privilege escalation) vulnerability affecting the REST API. This vulnerability allows an unauthenticated user to modify the content of any post or page within a WordPress site.

Post has attachment
I guess... 

Post has shared content
Your How-To Manual for Stories from Instagram and Snapchat
Read it all here https://goo.gl/Vi9tEF

The recent launch of Instagram stories gives users a space where they can share posts at higher frequency. With this new feature being introduced in the town, users will be able to share all the moments of their day in the slideshow format. The feature, named “Stories” lets users share their entire moment of the day, not just the ones they want to keep in their profile. You will be quite surprised to hear that a similar feature exists elsewhere, i.e on the other platform named Snapchat. However, the conclusion made by #socialmedia marketers has already unveiled that Instagram stories are a better alternative to #Snapchat stories. Instagram stories are therefore counted to be a genuine improvement over its antecedent.

Let’s dig deep to see how #Instagram and Snapchat STORIES work.

#infographic courtesy: +Salesforce

#socialmediamarking #socialmediatips #SMM
Photo

Post has shared content

Post has shared content

Post has shared content

Post has shared content
Wait while more posts are being loaded