ISIS sympathizers exploiting WordPress plugins to hack websites, FBI warns

The Federal Bureau of Investigation warned Tuesday that attackers claiming to be sympathetic to the extremist group ISIS are targeting websites that have vulnerable WordPress plugins.

The content management system has a thriving community of third-party developers who have created some 37,000 plugins, but occasionally security vulnerabilities in one can put a large number of websites at risk.

Critical Security Vulnerability Found in WordPress Slider Revolution Plugin, Immediate Update Advised

There is a new vulnerability that is exploiting wordpress site(s) by which virtually anyone could easily gain access to your database credentials and everything else. It allows a remote attacker to download any file from the server, including the wp-config.php file, which gives the hacker full access to your site.

Joomla! 3.7.4 Release

Joomla! 3.7.4 is now available. This is a security release for the 3.x series of Joomla! which includes two security vulnerability fixes and over 50 bug fixes and improvements. We strongly recommend that you update your sites immediately.

What's in 3.7.4?

Joomla! 3.7.4 is released to address security issues as well as several bugs.

Security Issues Fixed

Petya Ransomware v0.3 National KE-CIRT-CC Report

Petya ransomware encrypts the master boot records of infected Windows computers, making affected machines unusable. Reports indicate that the ransomware exploits vulnerabilities in Server Message Block (SMB). The National KE-CIRT/CC encourages users and administrators to review the Microsoft Security Bulletin MS17-010 (link is external) and apply the update accordingly. Petya ransomware is targeting computers running the Windows operating system and has infected computers in many countries around the world.