Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Plugins on well-known editing tools can give hackers priority
Whether a programmer or a writer, an editor always helps you work more effectively in a digital environment. For example, Sublime is used by many users due to its useful syntax highlighting and auto-complete tools.
These tools are often extended with third-party plugins. But these plugins often bring unpredictable dangers, even though plugins of familiar tools like Wordpress or Chrome.
Researcher at SafeBreach Dor Azouri analyzed some of the famous editing tools on Unix systems, Linux such as Sublime, Vim, Emacs, Gedit and pico / nano. Except for pico / nano, all have vulnerabilities that can help attackers escalate privileges and run malicious code.
Plugin from 3rd party is always hidden many dangers
This error lies in the stage when these tools download the plugin. Accordingly, the division of normal and escalating modes is not appropriately divided. The integrity of directory access is not preserved, so it is open to attackers with normal access to escalate privileges and run malicious code.
A simple malicious advertising campaign can help spread, run malicious code, install malware and completely control remote victim machines. Azouri recommends using open source host intrusion detection system named OSSEC to monitor system activity, logs, processes .
Users should avoid downloading 3rd party plugins while in Elevated mode and deny access to unprivileged users. Directory permissions, files should also be clearly divided between the two modes.
See more:
- WordPress plugins with more than 300,000 pages that use vulnerabilities are vulnerable to SQL Injection attacks
- How to remove and disable Plug-ins in the browser?
- Visual Studio Code now has an extremely useful color picker
Kareem WintersYou should read it
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement cases
- More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities
- Instructions for installing Sublime Text
- ProFTPD remote code execution vulnerability affects more than 1 million servers worldwide
- 10 best free HTML editing tools for Windows 2018
- What is Sublime Text? Why do developers often use Sublime Text
- 5 free online HTML editing tools that test the best code
- Adblock Plus filter can be exploited to run malicious code
May be interested
- 8 Plex Plugins You Need to Have
while plex is great on its own, the real fun comes from customizing your experience with plugins, turning the platform into your personal streaming delorean. - The 4 best Copilot plugins todaysimilar to how chatgpt previously introduced plugins to enhance functionality, microsoft copilot now has a number of plugins that greatly increase what you can do with the tool.
- 5 Best Productivity Plugins for Tmuxthis article will introduce some of the best plugins for tmux that can help optimize your terminal workflow.
- Hackers demand $ 50K from the hacker forum, otherwise they will give no Fedthe hacker world is also funny. this hack will make you feel more funny than worried.
- 4 useful tools for online web editingin the following article, we will introduce you some online editing tools that are quite diverse and useful for web development. these applications have a common feature that can work on a variety of environments, in any condition, as long as there is an internet connection.
- Change traffic traffic through priority mode with DD-WRTowning a server media system is great, unless other users don't know how to change and share bandwidth. by applying some basic rules of qos, we can set the priority mode and customize the amount of bandwidth corresponding ...
- Check spelling in WordPress with After the Deadlineif you are a wordpress user, this is definitely one of the indispensable tools when writing. the truth is that no one can guarantee that 100% of their posts are error-free, even those who specialize in editing sometimes have some basic errors ...
- Classify hackers and career opportunities for true hackersmust white hat hackers, black hat hackers, gray-hat hackers have to be all kinds of hackers in the world? let's find out the hacker classification in this article.
- Top best video editing software on computerthe best video editing software is the software with full tools to help you tweak the video. below is a list of the best free and cost-effective video editing software we have compiled, to help you improve your videos and videos.
- Hack the company selling Israeli smartphone hack tools, hackers get the bitter endnso group is an israeli company, specializing in selling iphone and android device hacking tools. but recently, the company has been attacked by one of its employees, stealing many valuable intellectual property and bringing hackers and hackers for sale on the black web.
Attack the network
- Using HotSpot Shield for security or Facebook access? Your IP is at risk of being exposed
- The CredSSP vulnerability in the RDP protocol affects all versions of Windows
- New dangerous security vulnerabilities appear on iOS 11.2.6, can read messages without unlocking
- The last 9 years Firefox has not protected user passwords carefully
- Detecting vulnerabilities in the QR code reader tool of iOS 11 may trick users into accessing malicious websites
- Many computers in Vietnam have been hijacked due to virus infection
Using HotSpot Shield for security or Facebook access? Your IP is at risk of being exposed
The CredSSP vulnerability in the RDP protocol affects all versions of Windows
New dangerous security vulnerabilities appear on iOS 11.2.6, can read messages without unlocking
The last 9 years Firefox has not protected user passwords carefully
Detecting vulnerabilities in the QR code reader tool of iOS 11 may trick users into accessing malicious websites
Many computers in Vietnam have been hijacked due to virus infection