Shane Chambers No Comments

WordPress Sites Seeing Increased Cyber Attacks Thanks to Plugin Vulnerability

The team behind Wordfence, a popular security plugin for WordPress, have reported seeing a large increase in cyber attacks aimed at WordPress-based websites over the last few weeks. This is believed to be due to a vulnerability in another WordPress plugin, File Manager, which has over 700,000 active installations. While the vulnerability only affects those running certain versions of the File Manager plugin, Wordfence reports that cyber attacks are up across the board, as cyber criminals cast a wide net with their attacks.

An estimated 455 million websites run on WordPress, accounting for more than 30% of sites worldwide.

WordPress is an immensely popular platform that allows users to create websites easily, often with little to no coding skills, and add functionality via plugins. WordPress has been around since 2003, and while it initially gained traction as a blogging platform, it has since gained a much larger audience.

Plugins are the bread and butter of WordPress, allowing users to add advanced functionality without writing complex code from scratch or paying a developer. However, like all software, plugins must be updated regularly to protect against vulnerabilities and prevent devastating zero-day attacks.

WordPress site owners who are using versions 6.0 to 6.8 of the File Manager plugin are advised to update the plugin immediately, as the recently-discovered vulnerability allows unauthorised parties (see: cyber criminals) to upload potentially malicious files or execute commands on their target site, with the potential to cause catastrophic damage.

Wordfence, whose security plugin protects WordPress sites against malicious traffic, has said that although the overall percentage of sites running the vulnerable versions of File Manager is low, they have seen a huge increase in bots attacks to check for weaknesses.

“Attacks against this vulnerability have risen dramatically over the last few days. Wordfence has recorded attacks against over one million sites today, September 4, 2020. Sites not using this plugin are still being probed by bots looking to identify and exploit vulnerable versions of the File Manager plugin, and we have recorded attacks against 1.7 million sites since the vulnerability was first exploited,” according to Wordfence’s Ram Gall.

“Although Wordfence protects well over three million WordPress sites, this is still only a portion of the WordPress ecosystem. As such, the true scale of these attacks is larger than what we were able to record.”

Incidences such as these where criminals jump up en-masse to take advantage of a vulnerability in a broadly-used plugin highlights how important it is to ensure your WordPress site is as up-to-date as possible. Plugins which are no longer in use should ideally be disabled to reduce a website’s risk.

The latest version (6.9) of the File Manager plugin mitigates this vulnerability and WordPress site owners are strongly advised to update to it as soon as possible.

Shane Chambers No Comments

Enterprise Resource Planning Applications Next Big Cyber Attack Target

Cyber criminals are beginning to target Enterprise Resource Planning (ERP) applications, with the aim of disrupting and stealing data from large companies, according to reports from both security experts and the US government. According to a recent report from security companies Digital Shadows and Onapsis, hacktivists and state-sponsored groups in particular and looking to exploit flaws in platforms provided by Oracle and SAP.


SAP and Oracle are believed to be the biggest targets due to long-running security vulnerabilities

Read more

Shane Chambers No Comments

Website Offering DDoS Cyber Attacks For Just €12 Taken Down by Police

The ongoing battle between cyber criminals and cyber security forces rages on, as one of the world’s largest DDoS-for-Hire websites has been taken down by Dutch police. The website was the target of Operation Power OFF, a coordinated effort by police from the Netherlands, UK, Spain, Croatia, Canada, US, Germany, Europol and several other countries. The site in question, webstresser.org, was believed to have been responsible for attacks against several of the UK’s largest banks in November 2017, as well as carrying out attacks on government websites and police forces around the world. DDoS, or Distributed-Denial-of-Service, is an attack where many online devices (such as PCs or IoT devices) are used to overwhelm a website or online service with traffic, essentially forcing them to freeze up or shut down.


Webstresser.org, the largest known DDoS-for-Hire site, was seized by Operation Power OFF, a coordinated effort from cyber police from a dozen countries.

Read more

Shane Chambers No Comments

Small Businesses Experiencing More Cyber Attacks Than Large Organisations

We’ve all seen the headlines when a large multi-national corporation suffers a data breach, but are small businesses able to ‘fly under the radar’ for cyber crime? Well, according to Verizon’s annual data breach incident report, the opposite may be the case. While large organisations make headlines, the report found that 58% of data breaches actually occurred in small and medium-sized companies.

“Many small businesses don’t have the resources focused on security and training, and employees are not cognizant of being at risk,” according to the Vice President of Experian Data Breach Resolution, Michael Bruemmer. “Some of these businesses, especially startups, may have no or small revenue, but they may be processing credit cards or holding personal data for other companies, and they don’t realize they have to protect it.”


Half of all cyber attacks are currently believed to target small businesses (Source: Verizon Annual Data Breach Report)

Read more

Gerry Morley - Cyber Security & Disaster Recovery Consultant 1 Comment

Covert “Fileless” Virus Evades Banks Cyber Defences – Reinforces Need for Robust Disaster Recovery & Cyber Security Procedures

Imagine a cyber threat that can evade the bank level cyber security…leave little trace of infection and bypass most Anti-Virus software.

Hundreds of companies around the globe including several major banks and financial institutions have reportedly been hit by a cyber security attack masquerading as a dangerous covert memory-based fileless malware. The malware has been detected in at least 40 countries worldwide (including UK, France, USA to name a few).

Fileless Malware Cyber Security Geography

Read more