The WordPress Brute Force Attack Timeline
Daniel Cid Authored by Daniel Cid, Tony Perez. We have been blogging about the massive brute force attacks against WordPress websites over the past few days, today…
Browsing Category
WordPress Security
680 posts
WordPress Malicious Plugin – WPPPM – Abusing 404 Redirects with SEO Poisoning
Tony Perez Bruno Borges, of our security team, came across an interesting case this week, in which a WordPress plugin was abusing the 404 rewrite rules and…
Mass WordPress Brute Force Attacks? – Myth or Reality
We are seeing in the media some noise about a large distributed brute force attacks against all hosts targeting WordPress sites. According to reports, they…
Protecting Against WordPress Brute-Force Attacks
It was not long ago that I was sitting on a call with other members of the WordPress community in which we were talking abou…
When Good Plugins Go Bad – SEO Spam on Joomla Websites
We recently published an article about an interesting case where a very popular WordPress Plugin (Social Media Widget), with more than 900,000 downloads, got sold…
WordPress Plugin Social Media Widget Hiding Spam – Remove it now
Authored by Daniel Cid and Tony Perez. If you are using the Social Media Widget plugin (social-media-widget), make sure to remove it immediately from your…
WordPress Security Presentation by Tony Perez
Tomorrow I will be flying to my hometown (Miami) to give a Website Security presentation to a bunch of enthusiastic online professionals at an event…
Virtual Hardening with Sucuri CloudProxy
If you read our blog you know that we are really open to providing insight into malware infections, remediation and hardening tips. The goal is…
WordPress Plugin: Easy Digital Downloads – Security Flaw Discovered and Patchedd
Dre Armeda Last night we were contacted by Adam Pickering about a security flaw discovered in Easy Digital Downloads (EDD), a free WordPress eCommerce plugin that allows…
Dre Armeda Presenting on WordPress Security at WordCamp Phoenix 2013
Here is the video for the WordPress Security presentation at WordCamp Phoenix 2013: Here is the slide deck from the presentation: Leave us your comments…
WordPress Security: 5 Steps To Reduce Your Risk
Update 11/3/2017: Check out our latest WordPress Security Guide for best practices to keep your website protected and learn about vulnerabilities. Often you hear the…