Search the Community

[Hidden Content]

[Hidden Content]

Wordfence experts detected a massive wave of attacks in the last couple of days that targeted over 1.6 million WordPress sites. Wordfence researchers spotted a massive wave of attacks in the days that are targeting over 1.6 million WordPress sites from 16,000 IPs. “Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for attackers to update arbitrary options on vulnerable sites. This led us into an investigation which uncovered an active attack targeting over a million WordPress sites.” reads the post published by Wordfence. “Over the past 36 hours, the Wordfence network has blocked over 13.7 million attacks targeting four different plugins and several Epsilon Framework themes across over 1.6 million sites and originating from over 16,000 different IP addresses.” The attacks are originating from 16,000 IP addresses and are targeting four WordPress plugins and fifteen Epsilon Framework themes. Below is the list of affected plugins: PublishPress Capabilities <= 2.3 Kiwi Social Plugin <= 2.0.10 Pinterest Automatic <= 4.14.3 WordPress Automatic <= 3.53.2 while the targeted Epsilon Framework themes are: Shapely <=1.2.8 NewsMag <=2.4.1 Activello <=1.4.1 Illdy <=2.1.6 Allegiant <=1.2.5 Newspaper X <=1.3.1 Pixova Lite <=2.0.6 Brilliance <=1.2.9 MedZone Lite <=1.2.5 Regina Lite <=2.0.5 Transcend <=1.1.9 Affluent <1.1.0 Bonkers <=1.0.5 Antreas <=1.0.6 NatureMag Lite – No patch known. Recommended to uninstall from site. Below are the top 10 offending IPs observed: 144.91.111.6 with 430,067 attacks blocked. 185.9.156.158 with 277,111 attacks blocked. 195.2.76.246 with 274,574 attacks blocked. 37.187.137.177 with 216,888 attacks blocked. 51.75.123.243 with 205,143 attacks blocked. 185.200.241.249 with 194,979 attacks blocked. 62.171.130.153 with 192,778 attacks blocked. 185.93.181.158 with 181,508 attacks blocked. 188.120.230.132 with 158,873 attacks blocked. 104.251.211.115 with 153,350 attacks blocked. Experts noticed that in most cases, the threat actors are enabling the users_can_register option and setting the default_role option to administrator. Then the attackers are able to register on any site as an administrator and take over the site. Site admins could determine if their site has been compromised by reviewing the user accounts on the site to determine if there are any unauthorized user accounts. Indicators of compromise include the presence of a vulnerable version of any of the above plugins or themes along with the presence of a rogue user account. Researchers recommend removing any rogue accounts and updating your plugins and themes as soon as possible Experts also recommend reviewing the settings in [Hidden Content] page focusing on Membership` and `New User Default Role` settings. “We strongly recommend ensuring that all of your sites have been updated to the patched versions of the plugins and themes.” concludes the post. Source

Product Descriptions: This is a Point of Sale app that can perform sell action locally in the device for use in coffee shop or retails outlets. It use SQLite Database to store all system data so no internet connection required. With this application, you are assured to save time-consumming process of developing mobile point of sale system that support both Android and iOS devices. It was developed in Xamarin.Forms with full shared code 95% and 5% platform specific code used to import data, images section and some another sections. Note: You will not find this version in all forums. Private Only For Level23Hack by LSDeep. Latest update: 25/08/2021 Pssword: level23hacktools.com Download: [hide][Hidden Content]]

About This File Converts the current value of hovercard activity to real time along with its last activity. [Hidden Content] [hide][Hidden Content]]

Functional: Hidden launch of any miners with console settings. CPU/GPU Definition - Video Card Memory Count and The Choice of the Right Miner, depending on GPU memory Miners are sent to a compressed zip archive with a password that allows you to reduce the detection range and compress very heavy miners (e.g. more than 650mb that would not be merged on the VT after the crypt) Included are 3 peeled miners under RavenCoin, Monero, Ethereum. Auto-start miners at the appearance of new bots Additional Functions: File Loader Remote Desktop File Manager Process Manager Remote Shell Execute .NET Code Get Admin Privileges Disable Windows Defender Visit WebSite Send MessageBox Client: Close, Restart, update, uinstall PC: LogOff, Restart, Shutdown Block Bot Protection: Aggressive - does not allow popular task managers to run. Easy - When you find popular task managers completes the mining processes and yourself (waits 4 minutes and starts again killing 1 time all task managers) [Hidden Content] Server Scan [Hidden Content]

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease. Features FinalRecon provides detailed information such as : Header Information Whois SSL Certificate Information Crawler html CSS Javascripts Internal Links External Links Images robots sitemaps Links inside Javascripts Links from Wayback Machine from Last 1 Year DNS Enumeration A, AAAA, ANY, CNAME, MX, NS, SOA, TXT Records DMARC Records Subdomain Enumeration Data Sources BuffOver crt.sh ThreatCrowd AnubisDB ThreatMiner Facebook Certificate Transparency API Auth Token is Required for this source, read Configuration below Traceroute Protocols UDP TCP ICMP Directory Searching Support for File Extensions Directories from Wayback Machine from Last 1 Year Port Scan Fast Top 1000 Ports Open Ports with Standard Services Export Formats txt xml csv [Hidden Content]

[Hidden Content]

Email/User: Email Proxies: Yes Capture: Yes Recommended Bots: 150 Recommended OB ver: 1.0.0 [HIDE][Hidden Content]]