Zero-day Duplicator Plugin Vulnerability – Patch it with BitNinja WAF
Eniko Toth

Zero-day Duplicator Plugin Vulnerability – Patch it with BitNinja WAF

On 19 February 2020, Wordfence reported a highly critical vulnerability found in the popular Duplicator plugin for WordPress. This plugin is useful when users want to migrate and copy WordPress sites. With Duplicator, sysadmins can create a new copy of the site and the generated file can be downloaded from the WP dashboard. WordPress Duplicator Plugin Zero-day Vulnerability Exploiting the newly discovered zero-day vulnerability allows hackers to download arbitrary files from the target sites. More than 1 million WordPress websites are affected by this security flaw. When users crea...
Read more
The Impact of AI and 5G in Cyber Security
Eniko Toth

The Impact of AI and 5G in Cyber Security

Critical Issues for Companies Looking to Get On Board the 5G, AI Revolution As companies brace themselves for the ongoing fourth industrial revolution, cybersecurity remains high on the agenda. Executives are wary about the challenges that accompany emerging major technologies such as 5G, but Artificial Intelligence (AI) is widely regarded as a cyber-security life line. The connectivity landscape is becoming more intricate. Networks carry an endless array of connected devices, and companies reckon cybersecurity issues may become exasperated as a result. They’ll need to protect more devic...
Read more
2019 Highlights – A Great Year at BitNinja
Eniko Toth

2019 Highlights – A Great Year at BitNinja

As 2019 will be over soon, it’s time to stop for a while and look back on what happened this year. 2019 was a unique year at BitNinja (you’ll see on the results). We got closer to our mission – making the internet a safer place. However, we couldn’t have reached the successes mentioned below without our ninjastic partners. Many new features were inspired by the Ninja Community. Also, the continuous feedback that we are receiving from day to day about how BitNinja changed businesses’ life for the better is a huge motivation for us to keep working harder and harder every day. So, we’d l...
Read more
Ultimate WAF Guide  - How to patch WordPress vulnerabilities and block web attacks
Jacint Lazok

Ultimate WAF Guide - How to patch WordPress vulnerabilities and block web attacks

An exploited CMS vulnerability or vulnerabilities to web-based attacks is a big security issue as one well-aimed attack can cause a data leak, data loss or make your server unavailable. These attacks need to be stopped before they even reach your server and the WAF 2.0 module can do that for you. This powerful defense tool can protect you from these attacks without slowing down your server’s response time or increasing the load. In this guide, I will show you how you can use it to maximize your server’s protection by fine-tuning this module. Spoiler: not by turning on every WAF rule ;)&n...
Read more
Case Study - The Best Security Solution for Valicom Net Cloud Services
Eniko Toth

Case Study - The Best Security Solution for Valicom Net Cloud Services

Valicom Net is a Cloud Hosting Company in Cyprus with more than 15 years of experience specializing in Business Web Hosting, Cloud Services, Virtual Private Servers, Dedicated Servers, Hosted Exchange, Web Development with Content Management System, Network Security, Antispam Services, Online Storage Email & Remote Backup. Challenges „As we offer managed and unmanaged services, the challenge for us was to protect both services. For the managed servers all security updates were done on time which was not the case with the unmanaged servers as customers usually don’t update them. We w...
Read more
Case Study - DDoS Problems Solved at ISO Certified IT Company
Eniko Toth

Case Study - DDoS Problems Solved at ISO Certified IT Company

Aitire is a small MSP (Managed Service Provider) company located in Spain. They have more than 10 years of experience in computer consulting, Free Software, Open Source, GNU / Linux, etc… They aspire every day to maximize their technology and provide the best tools to their clients. Challenges „We usually work with rpm based Linux distributions and we used to face a lot of problems on them. Before using BitNinja we experienced a huge amount of attacks, mostly DDoS.” - Alejandro Escobar Like many others, Aitire also tried different kinds of solutions against cybercrimes....
Read more
Case Study with BitNinja's Sister Company
Eniko Toth

Case Study with BitNinja's Sister Company

When I joined the BitNinja team in 2016, I heard the story about how BitNinja was born. It is a sister company of one the leading Hungarian shared hosting businesses and firstly it was only an in-house project to eliminate the hackers and bots. I wanted to learn more about the story and about how BitNinja changed this company's life, so I asked their CTO then. We wrote the case study, however, it was only available for our resellers yet, but now I'd like to share it with you too: The Company Web-Server is a Hungarian web hosting company with more than 10 years of experience. Their main p...
Read more
Satori IoT Botnet Stopped by BitNinja
Eniko Toth

Satori IoT Botnet Stopped by BitNinja

Our Port Honeypot module proactively catches botnets very quickly, as botnets usually start to scan open ports, which is the first step of the attack cycle. We found an old IoT botnet that became active again. It strangely happened just 2 months after 21-year-old Kenneth Schuchman pleaded guilty to developing and deploying the Satori botnet. The Satori botnet The Satori malware family was discovered in December 2017 . It is a derivative of the famous Mirai botnet, however, the technique of leveraging default or weak passwords doesn’t seem as effective for hackers anymore. As users...
Read more
Black & Whitelist Management by ASN
Eniko Toth

Black & Whitelist Management by ASN

Industry-first feature is available in BitNinja! We are happy to announce that the brand-new ASN white/blacklist option is out now. This development was requested by our users and we are so thankful that our partners are inspiring us to create such special features, which are only available in BitNinja. What does ASN mean? An autonomous system (AS) is a large network or multiple networks that are typically managed by a large enterprise, such as Internet Service Providers (ISP), educational institutions or government institutions. These large organizations usually have many differen...
Read more
Joomla & vBulletin RCE vulnerabilities patched by BitNinja WAF 2.0
Eniko Toth

Joomla & vBulletin RCE vulnerabilities patched by BitNinja WAF 2.0

RCE attacks are one of the most dangerous types of attacks as hackers could take complete control of the victim’s host, meaning that they can run commands, install malware, etc. In this article, I’d like to introduce 2 new vulnerabilities, which have been patched by BitNinja WAF: vBulletin RCE Rusty Joomla RCE New botnet utilizes the vBulletin RCE vulnerability In September, a new zero-day vulnerability was found in vBulletin . Nowadays, vBulletin is the most popular internet forum software, so this threat could affect many people. The vulnerability (CVE-2019-16759...
Read more