Sucuri – Decoding Obfuscated PHP
Tony Perez We are happy to release a new tool for you Do It Yourself (DIY) types. Every now and then you might come across a variety…
Browsing Category
WordPress Security
662 posts
Is WordPress.com SPAM Campaign Due to Compromise?
*****Updated – 20121019***** Both Matt Mullenweg and Barry Abrahamson, System Wrangler with Automattic, have confirmed that there was not an environmental compromise and everything was…
Dealing with WordPress Malware
A few months back I contributed to a post with Smashing Magazine on the top 4 WordPress Infections, it was released yesterday, and it couldn’t…
WordPress Themes: XSS Vulnerabilities and Secure Coding Practices
As many might imagine, my life revolves around Information Security. If you’re like me, you’re undoubtedly seeing all these new posts talking to insecurities in…
Careful With Fake jQuery Website – jquery-framework. com
Daniel Cid A few days ago we posted in our Labs notes about a Fake jQuery website that is distributing malware. The domain was properly chosen to…
WooThemes Security Audit Process & Development Partner WebDevStudios
WooThemes recently released a post talking to an audit that was performed on their various plugins and framework by our team. While true, it is…
Sociable WordPress Plugin Security Warning
If you are using the Sociable WordPress Plugin (plugin with 1,777,161 downloads), be very careful when visiting the plugin’s page settings. We recommend that you…
WordPress 3.4.2 Released – Maintenance and Security Update!
As many know, today the WordPress team released a new patch for WordPress 3.4.2, and have titled it a maintenance and security release. By now…
WordPress Security – Cutting Through The BS
Update 9/9/16: We released a new guide that provides better instructions on how to clean a hacked WordPress site using the Free WordPress security plugin.…
WordPress Security Presentation (in Portuguese)
David Dede Bruno Borges (from our security team), did a great presentation at WordCamp Sao Paulo (Brazil) about WordPress security and how to keep a site secure.…
Rebots.php JavaScript Malware Being Actively Injected
Dre Armeda Holy JavaScript malware, Batman! On August 11th we started seeing the Rebot JavaScript malware string injected on various websites. Since then, it has increased its…