WordPress Hackers

Your WordPress Posts Maybe A Risk

Kurdish Hackers are at it again… Creating and modify posts in WordPress.
Best guess is outdated WordPress Themes and Plugins…
Many vulnerability flaws by design in php/mysql making it impossible to be exempt from these attacks.

Always keep your website backed up on a regular basis. If you get hacked restore!
Change all passwords starting with cPanel then your data-bases and finally WordPress.
Check your file permissions carefully. Make sure the world can’t write to directories and your data-base.
Update your WordPress version theme and plugins to most current version. Remove old unused plugins and old themes.
API Vulnerability Exploits

System administrators make sure your server security is tight. Something simple as outdated binary executables could be a security risk.
Web developers hosting clients may want to consider using a good security team to harden your cPanel server.
Way to the web Configserver is as good as it gets.

Wordfence has great information understanding how PHP Vulnerabilities Originate and steps you can take to protect your WordPress site.

Cause of latest outbreak was unauthenticated privilege escalation vulnerability in REST API endpoint in 4.7 and 4.7.1 Hacked By MuhmadEmad

## Code Extracted From Hacked Post ##

HaCkeD by MuhmadEmad

HaCkeD By MuhmadEmad
Long Live to peshmarga

 

KurDish HaCk3rS WaS Here
kurdlinux007@gmail.com

This hacked client was running WordFence with tight permissions set. Majority have no clue. Anything attached to the web can be hacked!
The key is to be diligent keeping the honest honest by blocking what you can and keeping all software up to date.
Always nice to have friends and co-workers in the virtual world watching your back.
Kindness goes along way in the web community.