BaDoink Website Redirect – Malicious Redirections to Porn Websites on Mobile Devices
Daniel Cid The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the…
Browsing Category
WordPress Security
672 posts
PHP Callback Functions: Another Way to Hide Backdoors
Peter Gramantik We often find new techniques employed by malware authors. Some are very interesting, others are pretty funny, and then there are those that really stump…
Critical Update for JetPack WordPress Plugin
The Jetpack team just released a critical security update to fix a security vulnerability in the Jetpack WordPress plugin. The vulnerability allows an attacker to…
Unmasking “Free” Premium WordPress Plugins
Denis Sinegubko WordPress has a large repository of free plugins (currently 30,000+) that can add almost any functionality to your blog. However, there is still a market…
Security Exploit Patched on vBulletin – PHP Object Injection
The vBulletin team just issued a warning, and released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8,…
Understanding Denial of Service and Brute Force Attacks – WordPress, Joomla, Drupal, vBulletin
Tony Perez Many are likely getting emails with the following subject header: Large Distributed Brute Force WordPress Attack Underway – 40,000 Attacks Per Minute. Just this week…
More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack
Distributed Denial of Service (DDoS) attacks are becoming a common trend on our blog lately, and that’s okay because it’s a very serious issue for…
New iFrame Injections Leverage PNG Image Metadata
We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or…
Recent OptimizePress Vulnerability Being Mass Infected
A few weeks ago we wrote about a file upload vulnerability in the OptmizePress theme. We were seeing a few sites being compromised by it,…
WordPress OptimizePress Theme – File Upload Vulnerability
We’re a few days short on this, but it’s still worth releasing as the number of attacks against this vulnerability are increasing ten-fold. The folks…
Phishing Emails to Install Malicious WordPress Plugins
When all else fails, the bad guys can always rely on some basic social engineering tactics with a little hit of phishing!! Over the weekend,…