Blog

RSS WordPress Blog
  • WordPress 5.5.1 Maintenance Release September 1, 2020
    WordPress 5.5.1 is now available! This maintenance release features 34 bug fixes, 5 enhancements, and 5 bug fixes for the block editor. These bugs affect WordPress version 5.5, so you’ll want to upgrade. You can download WordPress 5.5.1 directly, or visit the Dashboard → Updates screen and click Update Now. If your sites support automatic background updates, they’ve already started the update process. […]
    Jb Audras
  • The Month in WordPress: August 2020 September 1, 2020
    August was special for WordPress lovers, as one of the most anticipated releases, WordPress 5.5, was launched. The month also saw several updates from various contributor teams, including the soft-launch of the Learn WordPress project and updates to Gutenberg. Read on to find out about the latest updates from the WordPress world. WordPress 5.5 Launch […]
    Hari Shanker R
  • WordPress 5.5 “Eckstine” August 11, 2020
    Version 5.5 "Eckstine" of WordPress is available for download or update in your WordPress dashboard. With this release, your site gets new power in three major areas: speed (lazy-loading images), search (sitemaps included by default), and security (auto-updates for plugins and themes), along with many new features and improvements to the block editor.
    Matt Mullenweg
  • WordPress 5.5 Release Candidate 2 August 4, 2020
    The second release candidate for WordPress 5.5 is here! WordPress 5.5 is slated for release on August 11, 2020, but we need your help to get there—if you haven’t tried 5.5 yet, now is the time! You can test the WordPress 5.5 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) Or download the release […]
    Jake Spurlock
  • The Month in WordPress: July 2020 August 3, 2020
    July was an action-packed month for the WordPress project. The month saw a lot of updates on one of the most anticipated releases – WordPress 5.5! WordCamp US 2020 was canceled and the WordPress community team started experimenting with different formats for engaging online events, in July. Read on to catch up with all the […]
    Hari Shanker R
  • WordPress 5.5 Release Candidate July 28, 2020
    The first release candidate for WordPress 5.5 is now available! This is an important milestone in the community’s progress toward the final release of WordPress 5.5. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.5 […]
    Jb Audras
  • WordPress 5.5 Beta 4 July 27, 2020
    WordPress 5.5 Beta 4 is now available! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 Beta 4 in two ways: Try the WordPress Beta Tester plugin (choose the […]
    David Baumwald
  • WordPress 5.5 Beta 3 July 21, 2020
    WordPress 5.5 Beta 3 is now available! This software is still in development,so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 Beta 3 in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding […]
    Jake Spurlock
  • WordPress 5.5 Beta 2 July 14, 2020
    WordPress 5.5 Beta 2 is now available! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.5 beta 2 in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” […]
    Jake Spurlock
  • WordPress 5.5 Beta 1 July 7, 2020
    WordPress 5.5 Beta 1 is now available for testing! This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.5 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding […]
    Jake Spurlock
RSS Sucuri Blog
  • Malicious One-Liner Using Hastebin September 23, 2020
    Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a domain we see used infrequently. The script was found writing malicious contents into an image directory on a compromised website, allowing an attacker to execute other malicious commands. The attacker […]
    Krasimir Konov
  • Phishing Page Targets AT&T’s Employee Multi-Factor Authentication September 22, 2020
    Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than others. For instance, employees at telecom companies will often have some level of elevated access that is unavailable to a non-employee. In fact, this access can be so valuable that […]
    Luke Leal
  • The Hidden PHP Malware that Reinfects Cleaned Files September 18, 2020
    Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if you lack access to necessary logs, which is usually the case for shared hosting services. Some of the more common causes of reinfections are issues like cross- site contamination or […]
    Luke Leal
  • phpbash – A Terminal Emulator Web Shell September 16, 2020
    It’s common for hackers to utilize post-compromise tools that contain a graphical user interface (GUI) that can be loaded in the web browser. A GUI generally makes the tool easier to use — and certainly more visually appealing than just raw text. One example of web malware that uses GUIs are PHP webshells like r57. […]
    Luke Leal
  • Missing DMARC Records Lead to Phishing September 15, 2020
    Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security flaws that bad actors regularly exploit to their advantage. Recently, researchers have discovered a business-email compromise scam in Russia. Known as Cosmic Lync, the cybercriminal […]
    Kaushal Bhavsar
  • WordPress Malware Disables Security Plugins to Avoid Detection September 10, 2020
    An alarm or monitoring system is a great tool that can be used to improve the security of a home or website, but what if an attacker can easily disable it? I’ve previously written about malware that reverses security hardening measures enacted either manually by the owner, or through the use of a security plugin […]
    Luke Leal
  • Reflected XSS in WordPress Plugin Admin Pages September 8, 2020
    The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little purpose here — an administrator already has the required permissions to do all of the actions a vulnerability could cause. While this is usually true, there are a number of […]
    Antony Garand
  • Insufficient Privilege Validation in NextScripts: Social Networks Auto-Poster September 4, 2020
    NextScripts: Social Networks Auto-Poster is a plugin that  automatically publishes posts from your blog to your Social Media accounts such as Facebook, Twitter, Google+, Blogger, Tumblr, Flickr, LinkedIn, Instagram, Telegram, YouTube, WordPress, etc. During a routine research audit for our Sucuri Firewall, we discovered a post deletion, arbitrary posting in social networks, and arbitrary plugin […]
    John Castro
  • Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites September 2, 2020
    Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of our WAF were never vulnerable to this exploit. The Sucuri firewall blocks malicious payloads by default using our generic exploitation rules. Technical Details The vulnerability originated from the remains of […]
    Antony Garand
  • Using assert() to Execute Malware in PHP 7 Environments September 1, 2020
    Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular scripting language — which is likely why attackers are creating malware to target environments which leverage it. During a recent investigation, our team stumbled across […]
    Krasimir Konov

Bash Cases Statement

Posted by on 9:14 am in Bash Script | 7 comments

The case construct in bash shell allows us to test strings against patterns that can contain wild card characters. Bash case statement is the simplest form of the bash if else then condition statement. The simple example for this is if you are expecting different inputs from a user and want to execute specific command sets on the choice used.     case $variable in pattern1 ) statements ;; pattern2 ) statements ;; * ) statements ;; … esac   We can see the common use of the case statement in the init scripts of the services which has the options like start, stop, restart and status.  ...

read more