List of Domains Hosting Webshells for Timthumb Attacks
Daniel Cid We have been tracking TimThumb related attacks for a while and they are still at full force (yes, some people are still using the outdated…
Browsing Category
WordPress Security
663 posts
Websites Compromised with Fake AV Campaign (Windows Web Secure Kit)
“To help protect your computer, Windows Web Secure Kit have detected trojans and is ready to remove them”. We are seeing many WordPress sites compromised with a malware…
Official WordPress Plugin Directory – Forcing Plugin Updates
Dre Armeda For some while we have wondered what happens when a plugin is removed from the official WordPress plugin directory for security reasons. Historically, we haven’t…
Blog Comments – Analysing 100,000 Comments and Spammers
“Nice blog, thanks for the info” “Awesome site. Great job” “You should take part in a contest for one of the best blogs on the…
Sucuri WordPress Security Plugin Protects Against PHP-CGI Vulnerability
Tony Perez Today we released an update on the latest PHP CGI vulnerability and provided some additional information that users can use to help protect against it.…
PHP-CGI Vulnerability Exploited in the Wild
When the PHP-CGI vulnerability was disclosed, we knew it would be just a matter of days before it started to be exploited in the wild.…
New WooThemes Vulnerability Patched – Update Framework Now!
Yesterday a vulnerability on the WooThemes Framework was disclosed by Jason Gill on githumb:gist. The vulnerability allows a visitor to see and run the output of…
Lockdown WordPress – A Security Webinar with Dre Armeda
We had the opportunity to do a webinar about WordPress security with the guys from iThemes yesterday. Here’s the video for those of you who…
Sucuri Security WordPress Plugin Free To Clients: Getting Proactive with Web Malware
We are happy to announce that our premium WordPress plugin is now for free to all our existing and new clients. The plugin is a…
Malware campaign against WordPress sites (recovery-hdd dot eu)
We have been tracking a new malware campaign that has been compromising thousands of WordPress sites over the last 3 days. They are not doing…
WordPress Security Release – Upgrade to 3.3.2 TODAY
It’s that time again, to upgrade all your WordPress installs. This morning the core team released WordPress 3.3.2 which includes security updates for three external…