In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish scripts into compromised WordPress sites. A bit later, we documented minor changes in the way Continue reading Xjquery Wave of WordPress SocGholish Injections
XML-RPC is a protocol designed for WordPress to standardize communication between different systems, allowing external applications (such as other blogging platforms and desktop clients) to interact with WordPress. This feature has been a part of WordPress since its early days, Continue reading What is XML-RPC? Security Risks & How to Disable
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to jot down my secret message. When combined with a simple heat source (I used the Continue reading What is Steganography? (Or, How Hackers Hide Malware On Websites)
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup April 2023
The WordPress admin dashboard, though intuitive and feature-rich, can be time-consuming to explore. If you’re looking for a more direct approach to website management, consider giving the WordPress Command Line Interface (WP-CLI) a try! WP-CLI is an efficient and powerful Continue reading WP-CLI: How to Connect to WordPress via SSH
What is an SSH brute force attack? An SSH brute force attack is a common form of attack that targets remote services, particularly unix-based servers running SSH services for secure remote connections. These attacks often involve automated tools and bots Continue reading How to Prevent SSH Brute Force Login Attacks
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors: PHP scripts designed to allow attackers access and control even after you’ve changed your Continue reading Massive Abuse of an Abandoned Eval PHP WordPress Plugin
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from clickjacking, cross-site scripting (XSS), and other malicious code injection attacks. At the most basic level, Continue reading How to Set Up a Content Security Policy (CSP) in 3 Steps
On April 11th, 2023, a software update was released to patch a severe vulnerability within the Limit Login Attempts WordPress security plugin. With over 600,000 installations, it’s among the most popular WordPress plugins in use to help prevent unauthorized access Continue reading Limit Login Attempts Vulnerability – Patch Now!
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a proper name. Typically, we refer to it as an ongoing long lasting massive WordPress infection Continue reading Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this information to the community helps educate website owners about the latest trends and threats. This Continue reading Hacked Website Threat Report – 2022
On March 22nd, 2023 a security patch was issued for the popular website builder plugin Elementor Pro. Website administrators using this plugin should immediately patch to at least version 3.11.7 to avoid a potential website compromise. The security issue is Continue reading High Severity Vulnerability in WordPress Elementor Pro Patched
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup March 2023
When it comes to protecting your website from bad actors, there’s one threat you should be aware of: injection attacks. These attacks target weaknesses in your website’s security and are unfortunately quite common. In fact, the well-known organization OWASP ranks Continue reading The Top 10 Most Dangerous Types of Injection Attacks
On March 22nd, 2023 a critical vulnerability was discovered within the WooCommerce Payments plugin – an extremely popular eCommerce payment plugin for WordPress with over half a million active installations. Thankfully the vulnerability was discovered by white hat security researcher Continue reading Critical Vulnerability Discovered in WooCommerce Payments
Disclaimer: The malware infection described in this article does not affect the software plugin or payment gateway as a whole, and does not indicate any vulnerabilities or security flaws within Authorize.net itself nor WooCommerce or any associated WooCommerce plugin extensions. Continue reading WooCommerce Credit Card Skimmer Reveals Tampered Gateway Plugin
Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just got caught up in a bad crowd of black hat SEO spammers and fell victim Continue reading How to Find & Fix: WordPress Pharma Hack
Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar with the effects of getting DDoSed: an extremely sluggish, shut down, or dysfunctional website. In Continue reading How to Know If You’re Under DDoS Attack
Defacement is easily one the most obvious signs of a hacked website. In these attacks, bad actors gain unauthorized access to an environment and leave their mark through digital vandalism, altering its visual appearance or content in the process. In Continue reading What is a Website Defacement?
We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but only when the website was accessed through links posted on FaceBook. Initially we thought that Continue reading Magbo Spam Injection Encoded with hex2bin