Fleps's Posts
Mossack Fonseca (MF), the Panamanian law firm at the center of the so-called Panama Papers breach, may have been breached via a vulnerable version of Revolution Slider. The data breach has so far brought down the Prime Minister of Iceland and surrounded Russian President Putin and British Prime Minister David Cameron with controversy, among other famous public figures. It is the largest data breach to journalists in history, weighing in at 2.6 terabytes and 11.5 million documents. Forbes have reported that MF was giving their customers access to data via a web portal running a vulnerable version of Drupal.

We performed an analysis on the MF website and have noted the following: the MF website runs WordPress and is currently running a version of Revolution Slider that is vulnerable to attack and will grant a remote attacker a shell on the web server. Viewing this link on the current MF website to a Revolution Slider file reveals the version of revslider they are running is 2.1.7. Versions of Revslider all the way up to 3.0.95 are vulnerable to attack.

[Screenshot: Mossack Fonseca running vulnerable Revolution Slider]

It appears that MF have now put their site behind a firewall, which would protect against this vulnerability being exploited. This is a recent change within the last month. Looking at their IP history on Netcraft shows that their IP was on the same network as their mail servers. ViewDNS.info further confirms that this was a recent move to protect their website. According to service crawler Shodan, one of the IPs on their 200.46.144.0 network runs an Exchange 2010 mail server, which indicates this network block is either their corporate network or at the very least has a range of IT assets belonging to the company. We also show they're running VPN remote access software.

You can view the IP addresses used for email for MF below, which are all on the same network block.

To summarize so far:
We've established that they were (and still are) running one of the most common WordPress vulnerabilities, Revolution Slider.
Their web server was not behind a firewall.
Their web server was on the same network as their mail servers based in Panama.
They were serving sensitive customer data from their portal website, which includes a client login to access that data.

A theory on what happened in the Mossack Fonseca breach:
A working exploit for the Revolution Slider vulnerability was published on 15 October 2014 on exploit-db, which made it widely exploitable by anyone who cared to take the time. A website like mossfon.com, which was wide open until a month ago, would have been trivially easy to exploit. Attackers frequently create robots to hit URLs like: http://mossfon.com/wp-content/plugins/revslider/release_log.txt Once they establish that the site is vulnerable from the above URL, the robot will simply exploit it and log it into a database, and the attacker will review their catch at the end of the day. It's possible that the attacker discovered they had stumbled across a law firm with assets on the same network as the machine they now had access to. They used the WordPress web server to 'pivot' into the corporate assets and begin their data exfiltration.

Technical details of the vulnerability in Revolution Slider
This is a brief technical summary from one of our analysts describing the nature of the vulnerability in Revolution Slider that was exploited. Revolution Slider (also known as Slider Revolution) version 3.0.95 or older is vulnerable to unauthenticated remote file upload. It has an action called `upload_plugin` which can be called by an unauthenticated user, allowing anyone to upload a zip file containing PHP source code to a temp directory within the revslider plugin. The code samples below point you to where the specific problem is in revslider. Note that the revslider developer is allowing unprivileged users to make an AJAX (or dynamic browser HTTP) call to a function that should be used by privileged users only and which allows the creation of a file an attacker uploads.

[Screenshot: revslider code sample]

A demonstration of Revolution Slider being exploited
The following video demonstrates how easy it is to exploit the Revolution Slider vulnerability on a website running the newest version of WordPress and a vulnerable version of Revolution Slider.

Conclusion
As a courtesy we have reached out to Mossack Fonseca to inform them about the Slider Revolution vulnerability on their site and have not yet received a response. They appear to be protected against it being exploited, or perhaps re-exploited in this case, but the WordPress plugin on the site still needs updating. To protect your WordPress installation it is critically important that you update your plugins, themes and core when an update becomes available. You should also monitor updates for security fixes and give those the highest priority. You can find out if a WordPress plugin includes a security update by viewing the changes in the "Changelog". In this case the site owners did not update for some time and it resulted in world leaders being toppled and the largest data breach to journalists in history. https://www.wordfence.com/blog/2016/04/mossack-fonseca-breach-vulnerable-slider-revolution/?utm_source=list&utm_medium=email&utm_campaign=mfon |
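The weakness the post describes (an AJAX action reachable without authentication that accepts a zip upload, on sites fingerprinted through release_log.txt) suggests two checks a site owner can run; the block below is an added example, my own code rather than Wordfence's or the plugin's. It tests an installed version against the 3.0.95 cut-off the post gives, and scans access-log lines for a release_log.txt probe followed by a POST to the standard WordPress endpoint admin-ajax.php from the same client, or for any PHP file served from the plugin's temp directory. The log lines, client addresses and the temp/ sub-path are constructed assumptions.

```python
"""Added example (my code, not Wordfence's or the plugin's): defender checks for the revslider issue."""
import re
from collections import defaultdict

LAST_VULNERABLE = (3, 0, 95)  # newest vulnerable Revolution Slider release per the post
# Combined-log prefix: client IP, ident, user, [timestamp], "METHOD path ...".
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)')
# ASSUMPTION: the plugin extracts uploaded zips under its temp/ directory; adjust to your install.
INDICATORS = {
    "version_probe": re.compile(r"/wp-content/plugins/revslider/release_log\.txt$"),
    "ajax_post": re.compile(r"/wp-admin/admin-ajax\.php$"),
    "temp_php": re.compile(r"/wp-content/plugins/revslider/temp/.*\.php$"),
}

def parse_version(text):
    """First x.y.z token in release_log.txt content, as an int tuple (None if absent)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(p) for p in m.groups()) if m else None

def is_vulnerable(version):
    """True for 3.0.95 or older; tuple compare avoids the '2.1.7' > '10.0.0' string-order bug."""
    return tuple(version) <= LAST_VULNERABLE

def suspicious_clients(lines):
    """Per client, the indicator sequence; flagged when a probe is later followed by an admin-ajax POST, or temp/ PHP is served."""
    events = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line, skip it
        ip, method, path = m.group("ip", "method", "path")
        path = path.split("?", 1)[0]  # drop any query string before matching
        for name, rx in INDICATORS.items():
            if rx.search(path) and (name != "ajax_post" or method == "POST"):
                events[ip].append(name)
                break
    flagged = {}
    for ip, seq in events.items():
        after_probe = seq[seq.index("version_probe"):] if "version_probe" in seq else []
        if "temp_php" in seq or "ajax_post" in after_probe:
            flagged[ip] = seq
    return flagged

# Constructed sample lines (RFC 5737 test addresses), not taken from any real server.
SAMPLE_LOG = [
    '203.0.113.5 - - [07/Apr/2016:09:58:56 +0000] "GET /wp-content/plugins/revslider/release_log.txt HTTP/1.1" 200 1532',
    '203.0.113.5 - - [07/Apr/2016:09:59:02 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 87',
    '203.0.113.5 - - [07/Apr/2016:09:59:05 +0000] "GET /wp-content/plugins/revslider/temp/demo/demo.php HTTP/1.1" 200 12',
    '198.51.100.7 - - [07/Apr/2016:10:01:52 +0000] "GET /wp-content/plugins/revslider/release_log.txt HTTP/1.1" 200 1532',
    '192.0.2.9 - - [07/Apr/2016:10:09:51 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 3',
]
```

A lone release_log.txt fetch or a lone admin-ajax.php POST is not flagged on its own, since logged-in users POST to admin-ajax.php constantly; the probe-then-POST order from one client is what matters.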
OP, we need to talk abeg! |
ElrayKhalifah: Bro are u talking seriously right now? Like really really serious? Wetin concern wailers with this talk now? |
7:15 PM, I'm on a bus about to commute to the Mainland part of Lagos from Obalende. This handsome, young guy comes to the window two seats behind my position and starts speaking impeccable English - "Please help me, I'm a student. I just need transport fare, I'm stranded. Please in the name of God, help me. If I lie, God will judge. I need help, I'm stranded here and I'm a student." At that point I thought I needed to do something. At least, I've been (and I am) a student and I should empathize with him. The bus was about to make its move to the high and revered Third Mainland Bridge and the timing of the young 'helpee' was just perfect. In split seconds (well, more than that anyway) I recalled another particular 'young-old man' who would always replicate this similar act of plea, but his recurrent lines were something like "Please, I have beans here in nylon (holds something out in a nicely wrapped light polythene) and I need 'buredi' (bread) to eat together with the beans". Though he says it in the Yoruba language, the lines are always the same every time I happen to see him. I think people already know him and therefore ignore him because his usual darkened lips gave him away as a perpetual smoker. Talking about darkened lips (and back to our student), the similarity was so daunting and crystal clear. I could not help but take a second look at him (as my hands had been triggered by my mind to reach for my wallet) and I decided to reprocess the information supplied by our 'student'... 1) He is stranded... But where is the destination the 'tfare' is needed for? 2) He is a student... Can he supply an ID card to support that unanimous claim? 3) Let God be the judge... The judge of who? The potential helper or the 'helpee'? Before my hands could reach my wallet, I popped a question from where I sat: "Can you show us your ID card?" Apparently, he didn't hear me (as I'm one who doesn't talk too much or too loud).
But the lady right in front of me repeated the question to his hearing, as did two other persons, as the bus had almost begun its course. But ladies and gentlemen, our dear 'student' then displayed his true self. He spoke to the last lady who repeated the question I asked: "God punish you! God go judge you. Get out joorrr. God will judge you and your family." Our dear 'student' changed his steps o! He stepped away hurriedly and, bouncing away his real self, he ranted with his darkened lips that have presumably romanced the vocal core of popular tobacco brands. Our bus moved. It is good to give, but to the right people who deserve it - not people who'll use it to charge their societal destruction on law-abiding citizens. Yes, I give, but to those in obviously stranded situations, or I simply give/pay more for a product/service of those I see are really trying to make ends meet. My roommate back in the days during college (and a close friend now) taught me how to give non-monetarily to roadside help seekers that I'm convinced about: simply get them what they want to use the money for. Food? Buy it if it's sold around and give. 'Tfare'? Let them board the bus and you pay the conductor. |
njuwo: What's the URL? |
You have a ridiculous website. The links and background ad no be here... At first sight alone, disapproval comes. Remove all other ad networks, pop-ups and the likes before you apply, and I also hope none of thy posts are copied. |
Onyejemechimere: If no post is copied and you have up to 45 posts... |
Delusion! That's how online madness starts.Scammm!!!! |
yomalex: Go to Price Models >> Add New Price should go this way. For me, I put all in one box for clients. Na so sample dey for spc4 manual: 0-999=1.5, 1000-29999=1.4, 30000-99999=1.3, 100000-4999999=1.2 and so on as u wish. |
Go for .com |
DMeanMan: At the bolded, do you mean you had to abandon the project? I would love to know how to produce such. If the FG is waiting till 2018, why can't someone just start now!? Why are the youths so bent on criticising, blaming, and expecting the government to do everything? Guy, please, what is the logistics behind it and how much will it cost? |
2sexycom: Young man, please understand me. It is good you earn all the money. It is possible she earns more. But you gotta know that the inherent message is 'never get idle' or 'explore other ventures' or 'be creative in labour' and NOT 'be richer than your peers' or 'even without education money abounds in plenty than school'. For us adults we can filter and take what we want, but for the generations coming after us, we should send the right message that in this life, it's not only when u work in big firms that your future will be guaranteed. There is dignity of labour and this lady has rightly explored that. |
LastMumu: Bro u just took it out of my mouth! I admire her o! I love the spirit. But if the glory is that she earns more than her counterparts, then the purpose is defeated. |
OLUWAcypris1: So women won't look for excuses? |
constance500: They exist o! |
ILOVEFOOD: U think say e easy? |
sinaj: He will. Words are powerful! |
For me, I think whatever will happen will surely happen... But the guy will surely have this message ringing in his head and may control any likely occurrences.
Guy: Hey, babe
Girl: Hi, baby
Guy: What if I told you my ex wanted to see me and we were planning to hang out?
Girl: I wouldn't say anything
Guy: ...you wouldn't?
Girl: No, I wouldn't
Guy: Why not?
Girl: Because I trust you
Guy: But do you trust her?
Girl: Honestly? I don't give a Bleep about her. It's not about me trusting her, it's about me trusting you. Of course she wants to see you. She's your ex. She'll miss you from time to time. That's what ex-girlfriends do. Obviously, she knows you and I are together, and all that matters to me is that you know we're together now, too. I trust you enough to know if she tries to lean in for a kiss, you'll back off or stop her and tell her she shouldn't do that. I trust you enough to know if she tries to randomly get on top of you, you'll push her off and tell her to cut it out and it isn't appropriate. I trust you enough to know that if she tries to sleep with you, you'll get up and walk away. At least, I hope I can trust you. I'm not trying to be that girlfriend who tells you who you can't see and who you can't talk to. I'm not trying to be that girlfriend who's controlling and makes decisions for you. I'm not trying to be that girlfriend who doesn't trust her man enough to know what's right from wrong. So if you want to see your ex and feel like you two can have a normal functioning friendship, then go ahead. If you know that some things might happen if you two are around each other, then you know you shouldn't and how that would make me feel. Again, I'm not going to tell you what to do. But I will say this; if something does happen and you allowed it to happen, you'll lose me and I won't even think twice about leaving you. Am I stupid for trusting you? Maybe, because most girls wouldn't. Am I uncomfortable with you being with her? Maybe, considering how she used to mean something to you, or I don't know if she still does. Am I going to trust you despite all of that? Yes, because I love you and that's how it's supposed to be. I know you love me enough not to hurt me that way. At least, I hope you do. |
Nafizzey: Yeah. Thanks for reading. |
nickjnr21: emmmm bro. She dey rest on something o! |
forkinsonlolo: You're welcome bro |
OK. So what if bae or boo (na only God know wetin una dey call am) wants this kind of outing? No be small thing o! You fit do am? |
Job candidates, whether active or passive, usually come to a point where they ask "Is my CV being read by employers at all?" or "Is my CV not good enough to get me a job?" Though you can actually know whether an employer opened your CV or not, there is no guarantee that such a CV will get you the job or impress the recruiter. Recently I received an email from a reader to assist in giving "any observation, comment, or advice" concerning his CV as he's making preparations for his NYSC program. I delayed for some days due to a tight schedule and had to do a rewrite of the CV later. After his appreciation, I replied with some advice for writing his CV, and after reading the mail I wrote myself, I thought it'd come in handy for others trying to rewrite a CV. Kindly find it below:

You're welcome. Though I must explain some parts (of the CV I rewrote) to you.
1) At the Core Competencies and Skills, this is where you have to sell yourself: all things that you know you are competent at and skillful in.
2) Though Personal Details should not come up there, you are still pretty young and it's an advantage for you because companies love young entry-level employees.
3) I removed Your Blog from the CV because in one way or the other it is not necessary or relevant for now. BUT, using your discretion, if there are some jobs that will require that you have a blog or you know showcasing your blog is an advantage, please include it before you submit. That is why it is not advisable to use one CV for all job applications. No. You need to remove or add any info that you know would increase your chances of being called for an interview.
4) Your hobbies/interests are quite wordy, but I left it so because I find it different from what it's supposed to be. But in situations where you're battling for space (e.g. when you include your skills or include your NYSC) it has to be less, because there is really no need to give so much space to what the recruiter will give little or no attention to.
I'd love you to rewrite your Career Objective. It's quite okay for now, but you have tangible experience in communication, so a little 'show off' on those lines will go a long way.
5) As much as possible, try and quantify your achievements. In fact, the latest style in CV writing is that accomplishments have subtly replaced mere responsibilities. So, as time goes on, replace those responsibilities with your achievements; do not separate them. This will allow for space for other important parts of the CV.
6) Finally, your CV should not be more than two pages for your level. Try as much as possible to make it so, as you may soon have to add other things to it. Do not also forget the golden rule in CV writing: IF IT'S NOT GOING TO GET THE JOB, DO NOT INCLUDE IT! It's not everything you include on your CV. You have to keep editing as you apply to peculiar jobs.
Regards,

So, there you have it. These are just basic rules for writing the CV. Follow them wisely and use your discretion in adding other info that may be relevant to your job application. http://www.acegoals.com/my-sincere-cv-advice-to-job-candidates/ |
Hmmm. Good write up |
Wetin cheers come mean now? |
Nigerians I hail. This guy just think say all those water go enter him hand |
Heheheheheheheheh Naija. We no get chills at all o!!! So you tell your boss that you're sick and cannot come to work and he tells you to send evidence. Just because you cannot go to the hospital and form sickness, you got to send a picture sha |
Chai. That ExxonMobil name wia dem com add ehh |
CreativeWeb: Thank you sir. |