News for Admins

Tech News

Article from ADMIN 53/2019
In the news: Code execution flaws in PHP; ESET finds malware that targets political activists; bluetooth vulnerability makes spying easy; and open source webmin had backdoor for more than a year;

Code Execution Flaws in PHP

The PHP community has released updates to PHP in order to patch multiple vulnerabilities in one of the most popular programming languages.

According to the Hacker News, "The vulnerabilities could leave hundreds of thousands of web applications that rely on PHP open to code execution attacks, including websites powered by some popular content management systems such as WordPress, Drupal, and TYPO3" (

Out of all these vulnerabilities, the most critical one was found in the Oniguruma library that comes bundled with PHP.

Red Hat released an advisory stating that the vulnerability "allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing crafted regular expressions" (

If your projects use PHP, please update immediately.

ESET Finds Malware That Targets Political Activists

Researchers at ESET have discovered an unreported malware dubbed Win32/StealthFalcon that exploits the Windows component Background Intelligent Transfer Service (BITS,

BITS is used by software updaters, messengers, and other services and applications that need to transfer a large amount of data without chomping on network bandwidth, like when a user is not using the machine.

According to ESET Research,

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

comments powered by Disqus