Cyber Security

All cyber security related news by The Hack Post can be found on this page.

WordPress SQL Injection

WordPress < 4.8.3 Vulnerable To SQL Injection (SQLI) Exploit

A security researcher named "Anthony Ferrara" has found a critical SQL Injection (SQLI) vulnerability in the WordPress CMS. According to WordPress team, the vulnerability exists in all previous versions of the...
Hackers Can Hijack Anyones Twitter Tweets (Legally)

Hackers Can Hijack Anyone’s Twitter Tweets (Legally)

Hackers can hijack tweets using a python script, created by misterch0c that runs through any twitter account to allow anyone to hijack any twitter accounts or users tweet.When the script is...
Nokia Leading Security with Multi-Layer Cloud Protection That Protects Users on Many Levels

Nokia Leading Security with Multi-Layer Cloud Protection That Protects Users on Many Levels

ESPOO, FINLAND– Many businesses believe that the cloud is the way of the future because it’s faster and easier for large numbers of people to navigate. The problem is that many...
NTFS-3G (Debian < 9) Vulnerable To Root Privilege Escalation- Local Root Exploit is Out

NTFS-3G (Debian < 9) Vulnerable To Root Privilege Escalation: Local Root Exploit is Out

NTFS-3G (Debian < 9) local privilege escalation vulnerability (CVE-2017-0358) exploit has just been released to the public. The level of severity this exploit provides is extremely high due to the fact...
Microsoft Word Macro Execution 0day Exploit Found

Microsoft Word Macro Execution 0day Exploit Found

An exploit in Microsoft Office Word has been discovered allowing hackers to execute malicious macro-based codes. Attackers can run the exploit in Metasploit and embed a macro virus into a Microsoft...
Don’t Forget to Activate VPN on Your Mobile Device Too

Don’t Forget to Activate VPN on Your Mobile Device Too

VPN apps have come a long way from a niche product used by geeks to one of the most basic applications you can find on nearly half of digital devices. The...
Google Online Security Blog - The glibc DNS Client Issue - Debugging Tools

The glibc DNS Client Issue: Google Online Security Debugging Tools

The Staff Security Engineer in this article (Serna) from Google filed a ticket to their supervisor (Stadmeyer) and they spent a good deal of time trying to figure out exactly why...
Wordpress Theme "dance-studio" Vulnerable to Arbitrary Shell Upload

WordPress Theme “dance-studio” Vulnerable to Arbitrary Shell Upload

A vulnerability in the WordPress theme "dance-studio" has been discovered allowing attackers to upload malicious files like a shell, onto the targeted website. The exploit was posted to the exploit database,...

Joomla! 3.6.4 Admin TakeOver Exploit is Now Public

A few days ago, a Joomla exploit has surfaced on the internet affecting the version 3.6.4 by allowing an attacker to take administrative control over the website using the Content Management...