Here is the video for the WordPress Security presentation at WordCamp Phoenix 2013:
Here is the slide deck from the presentation:
Leave us your comments below.
Secure Website Development – Importance of Developing Securely
August 1, 2012 by Leave a Comment
We clean hundreds of sites every day and often their problems are associated with the same issues: outdated and sometimes unnecessary software, weak passwords and so on. But sometimes the issue is not as superficial, sometimes it goes a bit deeper than that. You know your server is updated, your CMS is also (ie., WordPress, Joomla, Drupal), yet you still get infected! How is that possible?!
That’s the question we hope to address in a series of posts related to developing with security in mind. This unfortunately is not something tailored for end-users, unless as an end-user you’re responsible for the development of your website. It is however good for end-users to read as it’ll help better understand other possible vectors affecting their infection or reinfection scenarios.
Read More
WordPress Update – 3.3.3 and 3.4.1 Patches Released!!
June 27, 2012 by 5 Comments
Well it was only a few weeks ago, but today, two new patches were released: 3.3.3 and 3.4.1.
The good news is, as they are patches, the updates should be fairly straight forward and should not cause much, if any, issues. It is important to note though that this is a Maintenance and Security release. On their official post they highlight the following items:
- Fixes an issue where a theme’s page templates were sometimes not detected.
- Addresses problems with some category permalink structures.
- Better handling for plugins or themes loading JavaScript incorrectly.
- Adds early support for uploading images on iOS 6 devices.
- Allows for a technique commonly used by plugins to detect a network-wide activation.
- Better compatibility with servers running certain versions of PHP (5.2.4, 5.4) or with uncommon setups (safe mode, open_basedir), which had caused warnings or in some cases prevented emails from being sent.
Google Safe Browsing Program 5 Years Old – Been Blacklisted Lately?
June 19, 2012 by 5 Comments
Today Google released a nice post: Safe Browsing – Protecting Web Users for 5 Years and Counting. In it they provide a good summary of what they have been up to the past 5 years with their Safe Browsing program.
Here are some interesting data points:
- 600 million users are protected
- 9,500 new malicious websites are found every day
- 12 – 14 million Google Search queries show malicious warnings
- Provide warnings to about 300,000 downloads per day
- Send thousands of notifications daily to webmasters
- Sent thousands of notifications daily to Internet Service Providers (ISPs)
Lockdown WordPress – A Security Webinar with Dre Armeda
April 26, 2012 by 7 Comments
We had the opportunity to do a webinar about WordPress security with the guys from iThemes yesterday. Here’s the video for those of you who missed out on the fun:
Dre Armeda from Sucuri Security presented on various WordPress related areas that help reduce risk for website owners and administrators. The webinar includes a high level discussion about the growth of the internet, he goes over some of the more popular malware attacks affecting WordPress users, then offers various tips, tools, and resources to help you reduce risk.
Hope you enjoy!
If you have any questions, feel free to email us at info@sucuri.net
Comments