Hacking website with brute-force type attack on a local machine

I have already written about the danger to your website caused by insecurely stored backup files. However, that was a case where I was able to find FTP credentials used by the Updraft backup WordPress plugin stored in the backup of the database. I think this is the most straightforward hacking technique ever, and it doesn’t require specialised knowledge or software to perform the hack. But today I will tell you about a more sophisticated method.

So, let’s begin with the very first step of this hacking method. As I mentioned in the previous post, some Google dorks could lead you to websites with unprotected backup files due to open directory listing. Trust me, there are hundreds if not thousands of such sites, and you can find them by applying various dorks, since different WordPress backup plugins have different file naming schemes.

Insecure WordPress backup files

OK, now that you have a potential list of vulnerable websites, it’s time to pick one and proceed with the other steps. We are looking for sites with backups of the database which you can use on your local machine. Download the WordPress database file, and you’re ready to start the hack.

WordPress backup files may endanger your website

WordPress backup files are an excellent way to ensure you can restore your website without any data loss. Making backups is a good practice, and I highly recommend making copies of your website files and database periodically. In case of a security breach, website defacement or other disasters, these copies will save you a lot of time and maybe money. But sometimes these files may be the reason why your WordPress site got hacked. A few days ago I did some small research to find out the threats caused by backup files.

WordPress backup plugins

There are a lot of different backup plugins for WordPress in the WordPress.org plugin repository. There are also many premium plugins available elsewhere. All these plugins have the same primary function: to make a backup of your precious data. Some of them offer simple backup functions; others are more sophisticated and provide more features to manage the backup process. To do the research I needed to pick a target, right? So I picked the most popular WordPress backup plugin that is available in the WordPress plugin repository – UpdraftPlus WordPress Backup Plugin.

Email Subscribers & Newsletters plugin vulnerability found by ThreatPress

The Email Subscribers & Newsletters WordPress plugin, developed by Icegram, has more than one hundred thousand active installs. It is a complete newsletter solution: you can collect leads, send automated notification emails, and create and send newsletters.

Email Subscribers & Newsletters is an excellent WordPress plugin with a lot of features. However, today I don’t want to discuss all the features of this plugin; I want to talk about the vulnerability that was found in this piece of software by the ThreatPress Security company.

Email Subscribers & Newsletters plugin vulnerability

Recently we (ThreatPress Security) found a vulnerability in the Email Subscribers & Newsletters plugin that could be easily exploited by anyone. I mean, by anyone. And the result of a successful attack is a complete list of subscribers.

Sensitive data theft from Lithuanian plastic surgery clinic

Sensitive data leakage is a significant problem in the modern world. The most commonly stolen data contains personal identification data, logins to electronic banking accounts, etc. But a recent data theft case in Lithuania has caused great public resonance. One of the Lithuanian plastic surgery clinics suffered a hacker attack. The clinic's personnel did not detect the attack in time. The data loss was discovered when hackers posted a part of the stolen data on a Darknet site.

It appears that hackers managed to download the whole database with the personal data of all clinic clients. More than twenty-four thousand customers are listed in this database. The database includes names, surnames, personal identification numbers, phone numbers, addresses, emails, and all plastic surgery and medical data. Moreover, the database contains all photos made before and after plastic surgeries, which made this security breach far more dramatic.
