What Is a Keylogger?
Rianna MacLeod Welcome to the world of keyloggers, where every keystroke you make may be watched, recorded, and potentially used against you! Now that we’ve got your…
Browsing Category
Website Security
1026 posts
Vulnerability in Essential Addons for Elementor Leads to Mass Infection
Ben Martin On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
WordPress 6.2.1 Security & Maintenance Release
Cesar Anjos On May 16, 2023, the WordPress core team released a crucial update — WordPress 6.2.1. This latest security and maintenance release addresses a number of…
Websites Defaced with Belarusian Bottled Water Company Content
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…
Xjquery Wave of WordPress SocGholish Injections
Denis Sinegubko In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
What is XML-RPC? Security Risks & How to Disable
XML-RPC is a protocol designed for WordPress to standardize communication between different systems, allowing external applications (such as other blogging platforms and desktop clients) to…
What is Steganography? (Or, How Hackers Hide Malware On Websites)
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to…
WordPress Vulnerability & Patch Roundup April 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
WP-CLI: How to Connect to WordPress via SSH
The WordPress admin dashboard, though intuitive and feature-rich, can be time-consuming to explore. If you’re looking for a more direct approach to website management, consider…
How to Prevent SSH Brute Force Login Attacks
What is an SSH brute force attack? A Secure Shell (SSH) brute force attack is a common form of attack that targets remote services, particularly…
Massive Abuse of Abandoned Eval PHP WordPress Plugin
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…