Ninja blog

We believe it is important to show you how BitNinja performs on Linux servers globally because the crowdsourcing method makes our security system unique and efficient. With every new server and attack, our Defense Network grows stronger, and this kind of synergistic effect provides real value for shared hosting providers. Let’s see in numbers how […]

Brute Force is an old and popular technique for attackers to gain unauthorized access to an account or resource.  Its popularity is not going down any time soon.  Of course not! 2020 security reports reveal that 80% of data breaches involved brute-forcing or the use of stolen credentials. And brute force attacks are not something […]

A critical vulnerability was found in Contact Form 7. The WordPress utility is activated on more than 5 million websites, and 70% of these are running the unprotected 5.3.1 version or older. The vulnerability allows attackers to bypass Contact Form 7’s filename sanitization and upload a file that can be executed as a script file on the host server.

Researchers have found a vulnerability in cPanel and WHM. With a zero-day attack that is a brute force, hackers can easily bypass the 2-Factor Authentication (2FA). The SEC-575 vulnerability allowed attackers to try limitless 2FA codes until finding the right one and gain access to the account. Usually, brute force attacks take more hours or […]

On 2 September 2020 arstechnica reported a zero-day vulnerability in a WordPress plugin. File Manager helps users manage their files on the website. It was downloaded 700,000 times and more than half of the customers are affected. The vulnerability allowed hackers to execute commands and upload files on a website. How did the BitNinja team patch the vulnerability? We discovered the exploit with our Defense Robot. […]

The increasing number of data breaches raises new concerns for all companies. According to Statista, there were 1,473 million data breaches causing 164 million exposed records in the US in 2019. Many companies are being sued for data breaches and since the implementation of the General Data Protection Regulation (GDPR), these cybersecurity lawsuits run into […]

On 19 February 2020, Wordfence reported a highly critical vulnerability found in the popular Duplicator plugin for WordPress. This plugin is useful when users want to migrate and copy WordPress sites. With Duplicator, sysadmins can create a new copy of the site and the generated file can be downloaded from the WP dashboard. WordPress Duplicator Plugin Zero-day […]

Hackers and cyberattack techniques are evolving every day. Hosting companies and every server owner should keep an eye on the cybersecurity news to prepare themselves and protect their systems against the new types of threats. That’s why BitNinja collects the hottest cybersecurity news and sends out a Cybersecurity Digest each month. Now, we’ve summarized the […]

As 2019 will be over soon, it’s time to stop for a while and look back on what happened this year. 2019 was a unique year at BitNinja (you’ll see on the results). We got closer to our mission – making the internet a safer place. However, we couldn’t have reached the successes mentioned below […]