ASP Backdoors? Sure! It’s not just about PHP
Peter Gramantik I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need…
Browsing Category
WordPress Security
662 posts
Manipulating WordPress Plugin Functions to Inject Malware
Keir Desailly Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t…
WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability
Daniel Cid The popular Mailpoet(wysija-newsletters) WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to vulnerable sites. This…
Phishing with Help from Compromised WordPress Sites
We get thousands of spam and phishing emails daily. We use good spam filters (along with Gmail) and that greatly reduces the noise in our…
Conditional Malicious iFrame Targeting WordPress Web Sites
Fioravante Souza We have an email address, labs@sucuri.net where we receive multiple questions a day about various forms of malware. One of the most common questions happen…
WordFence WordPress Security Plugin Pushes a Security Update
David Dede If you are one of the many users of the WordPress Security Plugin, WordFence, we highly encourage you to update. They recently pushed out a…
The WordPress Security Plugin Ecosystem
Tony Perez As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one…
Slider Revolution Plugin Critical Vulnerability Being Exploited
12.17.2014: See more information on the SoakSoak massive malware outbreak resulting from this vulnerability: RevSlider Vulnerability Leads To Massive WordPress SoakSoak Compromise by Daniel Cid…
My WordPress Website Was Hacked
Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly…
Thoughts on WordPress Security and Vulnerabilities
As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks specifically…
Website Malware: Mobile Redirect to BaDoink Porn App Evolving
Recently, we wrote about a malware redirect causing compromised sites to redirect their visitors to pornographic content (specifically, the BaDoink app). You can read more…