Security Breaches, Hacks & Concerns – May 2019
Below is a recap of of WordPress security vulnerabilities and other software exploits from around the Web in May 2019.
If you have any of the plugins or themes installed on your website, or use any of the software mentioned, update them to the most current version as soon as possible. In some cases their has been no solution provided by the developer and we strongly urge you to remove the theme/plugin/software and find an alternate solution.
Remember that outdated software is the number one reasons websites and devices get hacked.
WordPress Plugin Vulnerabilities:
- Blog Designer
- All-in-One Event Calendar
- Convert Plus
- Custom Field Suite
- Form Maker by 10Web
- FV Flowplayer Video Player
- Live Chat with Facebook Messenger
- Newsletter Manager (WordPress.org has closed the Newsletter Manager plugin, so remove the plugin and find a replacement.)
- Ninja Forms File Uploads Extension
- Simple File List Plugin
- Slick Popup (WordPress.org closed Slick Popup Manager on May 2019, so I would suggest removing the plugin and finding a replacement.)
- Slimstat Analytics
- Ultimate Member
- W3 Total Cache
- WP Booking System
WordPress Theme Vulnerabilities:
- Traveler (the vulnerability has not been patched – watch for an update soon).
Breaches From Around the Web
Antivirus Company Source Code On Sale
A hacker group named Fxmsp claim to have stolen 30 terabytes of data from American antivirus companies. This is an interesting story because it shows that even antivirus companies are vulnerable to attacks. Not to mention that household names like McAfee and Norton may be the victims.
Alpine Linux Docker Image Vulnerability
Versions of Alpine Linux Docker images contained a vulnerability in the login process that allowed someone to gain access
Facebook-owned WhatsApp had a vulnerability that allowed attackers to install spyware on your phone. If you are a WhatsApp user be sure, you are using the latest version of the app.
Attackers Exploit Oracle WebLogic Servers
Last month, it was disclosed that WebLogic Servers were vulnerable to a Sodinokibi ransomware exploit. Oracle has issued a patch for the vulnerability. Victims of the attack were greeted with a demand of payment to release decrypt their files.
The City of Baltimore is Hacked
The city of Baltimore was the victim of a malware attack costing the city an estimated 18.2 million dollars. To add insult to injury, they were attacked using EternalBlue. EternalBlue is a tool that was developed by the N.S.A. using United States tax dollars.
Google Blogs About Storing Passwords in Plain Text
Google disclosed that they patched a bug that has been ongoing since 2005. The bug that only affected G Suite business users, would store some passwords in plain text. This means anyone who gained access to the stored passwords would be able to view your password.
Slack for Windows Vulnerability
If you are using Slack on Windows, be sure you update to version 3.4.0 immediately. Prior to version 3.4.0, hackers could post a malicious link that when clicked that would have allowed them to redirect a user’s downloads to a file server belonging to the attacker.
Thanks to iThemes for compiling this information!