WordPress and Annotum for Education, Science,Journal Publishing
3.1K views | +5 today
Follow
WordPress and Annotum for Education, Science,Journal Publishing
WordPress and Annotum for Education, Science,Professional Journal Publishing with multiple authors and peer-reviews as also Knol to WP Migration...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

ALERT!!! Jetzt Update installieren: WordPress behebt XSS-Lücke | Blogs | Blogging | CyberSecurity | Updates

ALERT!!! Jetzt Update installieren: WordPress behebt XSS-Lücke | Blogs | Blogging | CyberSecurity | Updates | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Über eine Cross-Site-Scripting-Schwachstelle können Angreifer WordPress-Installationen kompromittieren. Betroffen sind alle Versionen bis einschließlich WordPress 4.4.

Mit einem Wartungs-Update beheben die Entwickler des Content-Management-Systems WordPress insgesamt 52 Bugs, die seit erscheinen Version 4.4 gefunden wurden. Admins, die Auto-Updates deaktiviert haben, sollten WordPress 4.4.1 schnellstmöglich manuell installieren, da das Update auch eine Cross-Site-Scripting-Lücke (XSS) behebt, über die Angreifer das CMS kompromittieren können.
Gust MEES's insight:

Über eine Cross-Site-Scripting-Schwachstelle können Angreifer WordPress-Installationen kompromittieren. Betroffen sind alle Versionen bis einschließlich WordPress 4.4.

Mit einem Wartungs-Update beheben die Entwickler des Content-Management-Systems WordPress insgesamt 52 Bugs, die seit erscheinen Version 4.4 gefunden wurden. Admins, die Auto-Updates deaktiviert haben, sollten WordPress 4.4.1 schnellstmöglich manuell installieren, da das Update auch eine Cross-Site-Scripting-Lücke (XSS) behebt, über die Angreifer das CMS kompromittieren können.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Popular WordPress plugins found vulnerable to XSS attacks | UPDATE asap!!!

Popular WordPress plugins found vulnerable to XSS attacks | UPDATE asap!!! | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it

Vulnerable websites can be exploited via XSS to steal user accounts, change settings or phish passwords from unsuspecting users.

In fact, XSS flaws are one of the most commonly encountered security flaws found on websites.


Patching is obviously sensible and should be undertaken at the earliest opportunity, but never forget that additional layers of protection can go beyond patches – and perhaps be proactive in defending your systems from abuse during the time when no official fixes are available.

Gust MEES's insight:

Vulnerable websites can be exploited via XSS to steal user accounts, change settings or phish passwords from unsuspecting users.

In fact, XSS flaws are one of the most commonly encountered security flaws found on websites.


Patching is obviously sensible and should be undertaken at the earliest opportunity, but never forget that additional layers of protection can go beyond patches – and perhaps be proactive in defending your systems from abuse during the time when no official fixes are available.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

WordPress plugin used by millions sports critical site-hijacking flaw | CyberSecurity | Blogging

WordPress plugin used by millions sports critical site-hijacking flaw | CyberSecurity | Blogging | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it

Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site.

A week ago it was the WordPress SEO plugin, which is actively used on more than a million of WP sites. This time it's the company's Google Analytics plugin, which has apparently been downloaded around 7 million times.

According to the researcher who discovered the issue, Jouko Pynnönen of Finland-based Klikki Oy, the vulnerability "allows an unauthenticated attacker to store arbitrary HTML, including JavaScript, in the WordPress administrator’s Dashboard on the target system. The JavaScript will be triggered when an administrator views the plug-in’s settings panel. No further user interaction is required."


Learn more:


http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing


Gust MEES's insight:

Another popular Yoast Wordpress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site.

A week ago it was the WordPress SEO plugin, which is actively used on more than a million of WP sites. This time it's the company's Google Analytics plugin, which has apparently been downloaded around 7 million times.

According to the researcher who discovered the issue, Jouko Pynnönen of Finland-based Klikki Oy, the vulnerability "allows an unauthenticated attacker to store arbitrary HTML, including JavaScript, in the WordPress administrator’s Dashboard on the target system. The JavaScript will be triggered when an administrator views the plug-in’s settings panel. No further user interaction is required."


Learn more:


http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Run WordPress SEO by Yoast on your website? You need to update it | CyberSecurity

Run WordPress SEO by Yoast on your website? You need to update it | CyberSecurity | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
A serious vulnerability was found in one of the most popular WordPress plugins, and guess what? It got fixed really quickly. :) All that remains is for you to apply the update on your web server.
Gust MEES's insight:

A serious vulnerability was found in one of the most popular WordPress plugins, and guess what? It got fixed really quickly. :) All that remains is for you to apply the update on your web server.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Thousands of WordPress sites affected by zero-day exploit | CyberSecurity

Thousands of WordPress sites affected by zero-day exploit | CyberSecurity | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Thousands of websites are at risk of being exploited by a previously undisclosed vulnerability in a WordPress plugin, which researchers say could be used to inject malicious code into websites.

The flaw exists in Fancybox, a popular image displaying tool, through which Sucuri researchers say malware or any other script can be added to a vulnerable site.

"We can confirm that this plugin has a serious vulnerability," the researchers wrote. "It's being actively exploited in the wild, leading to many compromised websites," the researchers wrote.
Gust MEES's insight:

Thousands of websites are at risk of being exploited by a previously undisclosed vulnerability in a WordPress plugin, which researchers say could be used to inject malicious code into websites.

The flaw exists in Fancybox, a popular image displaying tool, through which Sucuri researchers say malware or any other script can be added to a vulnerable site.

"We can confirm that this plugin has a serious vulnerability," the researchers wrote. "It's being actively exploited in the wild, leading to many compromised websites," the researchers wrote.


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Wordpress Sites Seeing Increased Malware, Brute Force Attacks This Week

Wordpress Sites Seeing Increased Malware, Brute Force Attacks This Week | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
A glut of Wordpress sites have fallen victim to both malware infections and a series of brute force attacks that have making the rounds over the past several
Gust MEES's insight:

A glut of Wordpress sites have fallen victim to both malware infections and a series of brute force attacks that have making the rounds over the past several

more...
Gust MEES's curator insight, July 24, 2014 9:25 AM

A glut of Wordpress sites have fallen victim to both malware infections and a series of brute force attacks that have making the rounds over the past several...


Scooped by Gust MEES
Scoop.it!

WordPress Heartbleed Security Update

WordPress Heartbleed Security Update | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
WordPress.com has taken steps to deal with the Heartbleed vulnerability. Here's what you need to know.


Learn more:



Gust MEES's insight:


WordPress.com has taken steps to deal with the Heartbleed vulnerability. Here's what you need to know.


Learn more:




more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Hackers turn 162,000 WordPress sites into DDoS attack tools

Hackers turn 162,000 WordPress sites into DDoS attack tools | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Legitimate sites forced to aid criminals' illicit botnet operations


Hackers have hijacked more than 162,000 legitimate WordPress sites, connecting them to a criminal botnet and forcing them to mount distributed denial-of-service (DDoS) attacks, according to security firm Sucuri.


Sucuri CTO Daniel Cid said the company uncovered the botnet when analysing an attack targeting one of its customers. Cid said Sucuri managed to trace the source of the attack to legitimate WordPress sites.

"The most interesting part is that all the requests were coming from valid and legitimate WordPress sites. Yes, other WordPress sites were sending random requests at a very large scale and bringing the site down," read the blog.


Gust MEES's insight:


Learn more:


http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Botnet


http://www.scoop.it/t/securite-pc-et-internet/?tag=Botnets


http://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/


http://gustmees.wordpress.com/2013/05/13/visual-cyber-security-see-attacks-on-real-time/

more...
Scooped by Gust MEES
Scoop.it!

Free guide: WordPress Security Checklist

Free guide: WordPress Security Checklist | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it

WordPress is not only easy to use, it also comes with many plugins and themes for you to choose from, making it extremely customizable. However, like all other popular platforms, it is also more prone to hacking.


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

WordPress › AntiVirus « WordPress Plugins

WordPress › AntiVirus « WordPress Plugins | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Gust MEES's insight:

 

WordPress › AntiVirus « WordPress Plugins

 

Learn more:

 

http://gustmees.wordpress.com/2013/06/23/ict-awareness-what-you-should-know/

 

more...
Gust MEES's curator insight, November 2, 2013 8:00 PM

 

WordPress › AntiVirus « WordPress Plugins

 

Learn more:

 

http://gustmees.wordpress.com/2013/06/23/ict-awareness-what-you-should-know/

 

Training in Business's curator insight, November 7, 2013 1:37 PM

WordPress › AntiVirus « WordPress Plugins

 

Techstore's curator insight, November 7, 2013 1:50 PM

WordPress › AntiVirus « WordPress Plugins

Scooped by Gust MEES
Scoop.it!

Hackers launch huge DDoS attack using WordPress websites | ITProPortal.com

Hackers launch huge DDoS attack using WordPress websites | ITProPortal.com | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
It’s being reported that hackers have seized control of a number of WordPress sites and are launching DDoS attacks against various websites.
Gust MEES's insight:

 

73.2% of the most popular WordPress installations are vulnerable to vulnerabilities which can be detected using free automated tools.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

  
more...
Gust MEES's curator insight, September 27, 2013 4:47 PM

 

73.2% of the most popular WordPress installations are vulnerable to vulnerabilities which can be detected using free automated tools.

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

  

Scooped by Gust MEES
Scoop.it!

WordPress 3.5.2 Maintenance and Security Release

WordPress 3.5.2 Maintenance and Security Release | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it

 

 

 

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. 

 

 

 

===> This is a security release for all previous versions and we strongly encourage you to update your sites immediately. <===

 

Gust MEES's insight:

 

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. 


===> This is a security release for all previous versions and we strongly encourage you to update your sites immediately. <===


The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.


more...
Gust MEES's curator insight, June 21, 2013 5:14 PM

 

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. 

 

===> This is a security release for all previous versions and we strongly encourage you to update your sites immediately. <===

 

The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.

 
Gust MEES's curator insight, June 21, 2013 5:15 PM

 

WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. 

 

===> This is a security release for all previous versions and we strongly encourage you to update your sites immediately. <===

 

The WordPress security team resolved seven security issues, and this release also contains some additional security hardening.

 

Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Be wary of WordPress plugin vulnerabilities

Be wary of WordPress plugin vulnerabilities | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
WordPress plugins are highly vulnerable, according to a recent report.

Via Gust MEES
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Cybersecurity

 

more...
Scooped by Gust MEES
Scoop.it!

All WordPress users urged to update after critical flaw found | CyberSecurity

All WordPress users urged to update after critical flaw found | CyberSecurity | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
The latest version of the software, a security update, is WordPress 4.2.3.
Gust MEES's insight:

The latest version of the software, a security update, is WordPress 4.2.3.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hey, maybe ISIS can get you to update your WordPress site's security? | CyberSecurity

Hey, maybe ISIS can get you to update your WordPress site's security? | CyberSecurity | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
The FBI has issued a warning that ISIS-supporting hackers are exploiting vulnerabilities on websites running WordPress.
Gust MEES's insight:

The FBI has issued a warning that ISIS-supporting hackers are exploiting vulnerabilities on websites running WordPress.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Four WordPress WPML Plugin Vulnerabilities Impact 400,000 Websites | CyberSecurity | #digcit

Four WordPress WPML Plugin Vulnerabilities Impact 400,000 Websites | CyberSecurity | #digcit | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Multiple vulnerabilities in the WPML plugin that could allow attackers to access databases, delete site content, and gain administrative privileges have put as many as 400,000 websites at risk.

WPML is a popular WordPress plugin used for creating multi-lingual websites, and researchers have uncovered four critical vulnerabilities, the most serious being a SQL injection flaw that can allow unauthenticated access to the website’s database, exposing user details and password hashes.
Gust MEES's insight:

Multiple vulnerabilities in the WPML plugin that could allow attackers to access databases, delete site content, and gain administrative privileges have put as many as 400,000 websites at risk.

WPML is a popular WordPress plugin used for creating multi-lingual websites, and researchers have uncovered four critical vulnerabilities, the most serious being a SQL injection flaw that can allow unauthenticated access to the website’s database, exposing user details and password hashes.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Over 1 million WordPress websites at risk from SQL injection | CyberSecurity

Over 1 million WordPress websites at risk from SQL injection | CyberSecurity | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
A critical security flaw in a plugin called WP-Slimstat is to blame.


Over one million websites running the WordPress content management system are potentially at risk of being hijacked due to a critical vulnerability exposed in the WP-Slimstat plugin.

On Tuesday, a security advisory posted by researcher Marc-Alexandre Montpas from security firm Sucuri said the "very high risk" vulnerability found in versions of WP-Slimstat 3.9.5 and lower could lead to cyberattackers being able to break the plugin's "secret" key, perform an SQL injection and take over a target website.


Learn more:


http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing


Gust MEES's insight:
A critical security flaw in a plugin called WP-Slimstat is to blame.


Over one million websites running the WordPress content management system are potentially at risk of being hijacked due to a critical vulnerability exposed in the WP-Slimstat plugin.

On Tuesday, a security advisory posted by researcher Marc-Alexandre Montpas from security firm Sucuri said the "very high risk" vulnerability found in versions of WP-Slimstat 3.9.5 and lower could lead to cyberattackers being able to break the plugin's "secret" key, perform an SQL injection and take over a target website.


Learn more:


http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

ALERT! | Major Security Vulnerability in WordPress, Drupal Could Take Down Websites

ALERT! | Major Security Vulnerability in WordPress, Drupal Could Take Down Websites | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.
Gust MEES's insight:

If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Serious security hole found in All in One SEO WordPress plugin

Serious security hole found in All in One SEO WordPress plugin | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Do you use the popular All in One SEO Pack plugin on your WordPress website?


===> If so, you need to update the plugin as soon as possible to the latest version!!! <===


Gust MEES's insight:
Do you use the popular All in One SEO Pack plugin on your WordPress website?


===> If so, you need to update the plugin as soon as possible to the latest version!!! <===


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Sucuri Security: Is your WordPress Site being used to attack others?

Sucuri Security: Is your WordPress Site being used to attack others? | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Web site security monitoring and malware removal


Is my WordPress Site DDOS'ing others?

Lately we are seeing many legitimate and clean WordPress sites being misused on DDOS attacks. We explain in more detail in our blog how it can happen.

.

Example of site being misused: here. If you have any questions, please contact us at labs@sucuri.net or hit us on Twitter - @Sucuri_Security.

.

===> Check out if YOUR WordPress site is secure! <===


Gust MEES's insight:


===> Check out if YOUR WordPress site is secure! <===



more...
Gust MEES's curator insight, March 13, 2014 5:15 PM


===> Check out if YOUR WordPress site is secure! <===


Scooped by Gust MEES
Scoop.it!

WordPress WP-E-Commerce : multiples vulnérabilités

WordPress WP-E-Commerce : multiples vulnérabilités | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Ce bulletin a été rédigé par Vigil@nce : http://vigilance.fr/offre SYNTHÈSE DE LA VULNÉRABILITÉ Un attaquant peut employer plusieurs vulnérabilités de (...)


Gravité : 2/4

Date création : 24/01/2014

DESCRIPTION DE LA VULNÉRABILITÉ

Plusieurs vulnérabilités ont été annoncées dans WordPress WP-E-Commerce.

Un attaquant peut uploader un fichier illicite via save-data.functions.php, afin par exemple de déposer un Cheval de Troie. [grav:2/4]

Un attaquant peut utiliser ajax.php, afin d’exécuter du code. [grav:2/4]

Un attaquant peut utiliser display-sales-logs.php, afin d’exécuter du code. [grav:2/4]

Un attaquant peut utiliser misc.functions.php, afin d’obtenir des informations sensibles. [grav:2/4]

Un attaquant peut provoquer un Cross Site Scripting dans swfupload.swf, afin d’exécuter du code JavaScript dans le contexte du site web. [grav:2/4]

Gust MEES's insight:


Learn more:


http://vigilance.fr/vulnerabilite/WordPress-WP-E-Commerce-multiples-vulnerabilites-14131


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Hacked WordPress Site Hosts Thousands of Links to Pharmacy Scams

Hacked WordPress Site Hosts Thousands of Links to Pharmacy Scams | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
The issue of hacked WordPress sites continues to persist, as evidenced by one victimized URL being used to host links to thousands if not millions or billions of shady pharmaceutical sites without the knowledge of the owners.

 

===> And, the team recommended the common-sense step of upgrading WordPress and all plugins to their latest versions. <===


Gust MEES's insight:

 

===> And, the team recommended the common-sense step of upgrading WordPress and all plugins to their latest versions. <===

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

 

more...
Gust MEES's curator insight, December 11, 2013 6:39 PM

 

===> And, the team recommended the common-sense step of upgrading WordPress and all plugins to their latest versions. <===

 

Learn more:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

 

Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

WordPress 3.7 released - complete with automatic security updates!

WordPress 3.7 released - complete with automatic security updates! | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
Automatic updating comes to self-hosted WordPress sites, with the hope of stamping out security vulnerabilities.

If you run a WordPress-powered website, check today which version you are running - and upgrade to "Basie".
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=WordPress

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

 

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

 

more...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Safety and Security of WordPress Blog (Infographic)

Safety and Security of WordPress Blog (Infographic) | WordPress and Annotum for Education, Science,Journal Publishing | Scoop.it
WordPress is one of the most popular content management system (CMS) in use and around 17% of the websites that are present on the internet these days are powered by this CMS.
Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=WordPress

 

more...
Scooped by Gust MEES
Scoop.it!

The-Security-State-of-WordPress-Top-50-Plugins [pdf]

Gust MEES's insight:

 

Learn more:

 

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Cybersecurity

 

more...