Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

WordPress GDPR plugin inadvertently exposed sites to hackers

Keumars Afifi-Sabet reports:

Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution.The flaw had been present in Wordfence’s GDPR Complianceplugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any action and update any database value.There are examples of live sites infected using this attack method, including instances of malicious actors installing several administrator accounts, according to WordPress threat analyst Mikey Veenstra.

Read more on Alphr.

View All Trending Stories