Day: October 11, 2023

WP Users Beware!

I try to be an FYI blog from time to time and this is one of those times.

This is a report that should be read by anyone using WP….seems thousands of WP sites have been hacked.

Thousands of sites running the WordPress content management system have been hacked by a prolific threat actor that exploited a recently patched vulnerability in a widely used plugin.

The vulnerable plugin, known as tagDiv Composer, is a mandatory requirement for using two WordPress themes: Newspaper and Newsmag. The themes are available through the Theme Forest and Envato marketplaces and have more than 155,000 downloads.

Tracked as CVE-2023-3169, the vulnerability is what’s known as a cross-site scripting (XSS) flaw that allows hackers to inject malicious code into webpages. Discovered by Vietnamese researcher Truoc Phan, the vulnerability carries a severity rating of 7.1 out of a possible 10. It was partially fixed in tagDiv Composer version 4.1 and fully patched in 4.2.

According to a post authored by security researcher Denis Sinegubko, threat actors are exploiting the vulnerability to inject web scripts that redirect visitors to various scam sites. The redirections lead to sites pushing fake tech support, fraudulent lottery wins, and push notification scams, the latter of which trick visitors into subscribing to push notifications by displaying fake captcha dialogs.

Sucuri, the security firm Sinegubko works for, has been tracking the malware campaign since 2017 and has named it Balada. Sucuri estimates that in the past six years, Balada has compromised more than 1 million sites. Last month, Sucuri detected Balada injections on more than 17,000 sites, almost double the number the firm had seen the month before. More than 9,000 of the new infections were the result of injections made possible by exploiting CVE-2023-3169.

https://arstechnica.com/security/2023/10/thousands-of-wordpress-sites-have-been-hacked-through-tagdiv-plugin-vulnerability/

Please take heed for your site could be at risk.

IST will most likely be safe for I do not use the plug-in in question…..but others might.

Be Smart!

Learn Stuff!

I Read, I Write, You Know

“lego ergo scribo”

Trying To Out Stupid Each Other

It seems that the GOP candidates spend a bunch of time trying to out stupid each other….one of the best moronic statements cam from GOP candidate Nikki Haley…..

Ron DeSantis wants suspected drug smugglers at the US-Mexico border to be shot dead. Nikki Haley promises to send special forces into Mexico. Vivek Ramaswamy has accused Mexico’s leader of treating drug cartels as his “sugar daddy” and says that if he is elected president, “there will be a new daddy in town.” Donald Trump, who has long shaped his Republican rhetoric on the border, has often blamed Mexico for problems in the US and promises new uses of military force and covert action if he returns to the White House. Many of the GOP presidential candidates say they would carry out potential acts of war against Mexico in response to the trafficking of fentanyl and other synthetic opioids, the AP reports.

I have hear other GOPers mouth this same type of stupidity.

I know it is a lot to ask but think about this for a split moment.

Sen. Graham also has this same idea….only he mouthed the stupidity first.

Sen. Lindsey Graham (R-S.C.) on Monday said he was prepared to introduce legislation to “set the stage” for U.S. military force in Mexico, saying it was time to “get tough” on the neighboring country after four Americans were kidnapped by armed men this week.

Graham told Fox News host Jesse Watters that he would follow the advice of former President Trump on Mexico policy.

“I would put Mexico on notice,” Graham said. “If you continue to give safe haven to drug dealers, then you are an enemy of the United States.”

Graham added he would “introduce legislation to make certain Mexican drug cartels foreign terrorist organizations under U.S. law and set the stage to use military force if necessary.”

“I would tell the Mexican government if you don’t clean up your act, we’re going to clean it up for you,” the senator said.

(thehill.com)

If the US sends Army troops into Mexico to hunt down drug dealers and cartel….is that similar, in principle, to Russia sending troops into Ukraine to hunt down Nazis?

I wrote ‘in principle’ we are not dealing with specifics.

Do we really want to invade our neighbor to the South?

Is that a prudent decision on any level?

Turn The Page!

I Read, I Write, You KNow

“lego ergo scribo”