Here is a great presentation given by Tony Perez our COO in October of 2012 at WordCamp Las Vegas:
Update like it’s hot!
The United States presidential campaign is going full force, and it’s been a doozy. We don’t typically get involved with political situations, short of cleaning some of the crazy defacements we see, this is an exception.
This election campaign has brought its typical bashing via commercials, the usual rhetoric we see in interviews, and even those cool vote for (plug in your favorite candidate) stickers. My personal favorite was the vice presidential debate which left me feeling like I was on the grade school playground making faces and sticking my tongue out at the resident bully.
Times have adapted a bit, and the tactics have changed along with the advancements in communications, and social interaction. Twitter discussions boasting crazy statistics, Facebook posts about how awesome each candidate is, all of these have even spawned interesting debate and discussion in my own social groups.
Apparently, the crazy and debatably bad tactics stem beyond the historical mediums into our lovely world of geek. I guess it was only a matter of time.
We have drummed up a couple of theories on how this happened, ultimately it’s up to you to decide. More on that at the end.
<script src="http://lig-limp.com.br/rebots.php".. <script; src="http://chezbruna.com.br/imagens/rebots.php"..
We clean hundreds of sites every day and often their problems are associated with the same issues: outdated and sometimes unnecessary software, weak passwords and so on. But sometimes the issue is not as superficial, sometimes it goes a bit deeper than that. You know your server is updated, your CMS is also (ie., WordPress, Joomla, Drupal), yet you still get infected! How is that possible?!
That’s the question we hope to address in a series of posts related to developing with security in mind. This unfortunately is not something tailored for end-users, unless as an end-user you’re responsible for the development of your website. It is however good for end-users to read as it’ll help better understand other possible vectors affecting their infection or reinfection scenarios.
It’s that time again. We’re actively looking for a Senior PHP Developer to join the family. If you are passionate about web-based malware, and you want to help build awesomess, we want to hear from you.
Details can be found here Sucuri employment.
For some while we have wondered what happens when a plugin is removed from the official WordPress plugin directory for security reasons. Historically, we haven’t seen much of anything happen – no notification to users, no official blog post, nothing beyond the plugin disappearing from the repo. Sometimes when it did disappear, my understanding is updates were forced – certainly for the major vulnerabilities.
In an interesting move, it looks like some experimental changes have been made to help ensure users quickly learn there is a security problem.
We had the opportunity to do a webinar about WordPress security with the guys from iThemes yesterday. Here’s the video for those of you who missed out on the fun:
Dre Armeda from Sucuri Security presented on various WordPress related areas that help reduce risk for website owners and administrators. The webinar includes a high level discussion about the growth of the internet, he goes over some of the more popular malware attacks affecting WordPress users, then offers various tips, tools, and resources to help you reduce risk.
Hope you enjoy!
If you have any questions, feel free to email us at firstname.lastname@example.org