#

Content Injection Vulnerability In WordPress REST API

During the Chinese spring festival, a severe content injection vulnerability was discovered in WordPress. This vulnerability allows an unauthorized user to inject malicious content and modify the content of any post or page within a WordPress site.

Date Published:2017-02-13 Read More >>

Recent Security Event

#

2016年安全威胁分析报告

2016

  • Source:Sangfor Security Center
  • Date Published:2017-01-05
#

'One billion' affected by Yahoo hack

​Yahoo has said more than one billion user accounts may have been affected in a hacking attack dating back to 2013.

  • Source:Sangfor Security Center
  • Date Published:2016-12-29
#

Nginx Privilege Escalation Vulnerability on Debian-based Linux

There is privilege escalation vulnerability (CVE-2016-1247) in Nginx. When Nginx creates log directories with insecure permissions, the vulnerability may be exploited by malicious local attackers to escalate their privileges from Nginx/Web user(www-data) to root.

  • Source:Sangfor Security Center
  • Date Published:2016-11-22
#

This Hack Gives Linux Root Shell Just By Pressing 'ENTER' for 70 Seconds

procedures on some Linux systems just by holding down the Enter key for around 70 seconds.

  • Source:Sangfor Security Center
  • Date Published:2016-11-21
#

Someone is Using Mirai Botnet to Shut Down Internet for an Entire Country

We have published an updated article on what really happened behind the alleged DDoS attack against Liberia using Mirai botnet. Someone is trying to take down the whole Internet of a country, and partially succeeded, by launching massive distributed denial-of-service (DDoS) attacks using a botnet of insecure IoT devices infected by the Mirai malware.

  • Source:Sangfor Security Center
  • Date Published:2016-11-10