Shifting Malware Tactics & Use of Non-Executable .txt & .log Files
Krasimir Konov The malware landscape is constantly evolving — and bad actors are always devising new techniques to evade detection. Our analysts most commonly find website malware…
What is HSTS: HTTP Strict Transport Security
Kaushal Bhavsar HSTS or HTTP Strict Transport Security is a protocol that can make it more difficult for attackers to modify or intercept traffic between a user…
Password Security & Password Managers
Rianna MacLeod In the spirit of National Cyber Security Awareness Month (NCSAM), let’s talk about a security basic that many people overlook: passwords. These are one of…
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
Denis Sinegubko In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin…
Optimizing WordPress: Security Beyond Default Configurations
Ben Martin Default configurations in software are not always the most secure. For example, you might buy a network-attached home security camera from your friendly neighborhood electronics…
WordPress Vulnerability & Patch Roundup September 2023
Cesar Anjos Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
What Is ‘Error Establishing a Database Connection’ & How To Fix It in WordPress
Experiencing the ‘Error Establishing a Database Connection‘ on your WordPress website? This common error indicates that your site is unable to connect to its database,…
How to Find & Fix Japanese SEO Spam
Puja Srivastava Japanese SEO Spam, also known as “Japanese keyword hack” or “Japanese SEO poisoning,” is a spammy search engine optimization technique used by black hat SEO…
What is Secure Shell (SSH) & How to Use It: Security & Best Practices
Navigating your WordPress site’s dashboard can provide you with significant control over your website’s functionality and appearance. Yet it won’t offer a direct interaction or…
Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…
How to Fix “Not Secure” Warnings and SSL Issues in WordPress (8 Steps)
If you own a WordPress website and ever encountered the “Not Secure” warning, you might have worried that visitors would perceive your site as spam…