Wordpress

Critical RCE in WordPress Plugin (900K+ Installations): Detection & Mitigation

Critical RCE in WordPress Plugin (900K+ Installations): Detection & Mitigation

Defensive
Summary A WordPress plugin with more than 900,000 active installations is reported to have a Remote Code Execution (RCE) vulnerability with critical severity. This vulnerability allows attackers to execute arbitrary code on the target server under certain conditions. Given the large installation scale, the potential for mass exploitation is very high. Technical Impact A Remote Code Execution (RCE) vulnerability in a WordPress installation is one of the most critical vulnerability categories …
Read more…
Harderning Server with Fail2ban and Reporting to Telegram

Harderning Server with Fail2ban and Reporting to Telegram

Defensive
After being busy enough that I didn’t have time to create challenges and write down how to complete these challenges on this blog, this time we will discuss a little about fail2ban and how to configure it. Generally fail2ban is used to ban IPs that fail to authenticate up to the maximum limit stated in the configuration and this IPS is very effective in preventing attacks that will occur on the server, such as bruteforce attacks on SSH ports (22), FTP (21), SMTP (25), etc., even other …
Read more…