Showing posts with the label hacker

How to prevent your website from being hacked through the PHPMailer library

The vulnerability could allow attackers to execute arbitrary shell commands on web servers. A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking. The flaw was found by a security researcher named Dawid Golunski and an initial fix was included in PHPMailer 5.2.18, which was released on 28 Dec 2016. However, it turns out that the patch was incomplete and can be bypassed. The PHPMailer library is used directly or indirectly by many content management systems (CMSs) including WordPress, Joomla and Drupal. Where the library is not included in their core code, it is likely available as a separate module or can be bundled with third-party add-ons. Because of this, the flaw's impact can vary from website to website. For example, the Joomla security team determined that the Joomla JMail class, which relies on PHPMailer, has additional validations ...

How to fight against hackers and spammers

Network security isn’t what it used to be. For decades, industrial networks were not connected to the outside world. So, security was a team of guards. Over the past 15 years, the advantages of connectivity outside the plant became too important to ignore. For the first 10 years of outside connectivity, cyber security was simple – if awkward, since plant computers could not be patched overnight in a world of continuous operation. Initially, attacks were fairly straightforward. Viruses often had the simple objective of capturing attention or being mildly disruptive. Network intrusion attempts could be identified and blocked at the perimeter. In the last five years, we’ve seen a surge in sophisticated and malicious hackers who want to disrupt production or steal recipes.

Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessib...