WordFence WordPress Security Plugin Pushes a Security Update
David Dede If you are one of the many users of the WordPress Security Plugin, WordFence, we highly encourage you to update. They recently pushed out a…
The WordPress Security Plugin Ecosystem
Tony Perez As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one…
Website Security – Compromised Website Used To Hack Home Routers
Fioravante Souza What if we told you that a compromised website has the ability to hack your home router? Yesterday we were notified that a popular newspaper…
Security Advisory – VirtueMart Extension for Joomla!
Marc-Alexandre Montpas If you’re using the popular VirtueMart Joomla! extension (more than 3,500,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF)…
Microsoft IIS Web Server – CMD Process Contributing to Website Reinfections
We often spend a lot of time talking about application level malware, but from time to time we do like to dabble in the ever…
Anatomy of 2,000 Compromised Web Servers used in DDoS Attack
Daniel Cid One of our clients was being attacked by a layer-7 DDoS attack for more than a week. The attack was generating around 5,000 HTTP requests…
Slider Revolution Plugin Critical Vulnerability Being Exploited
12.17.2014: See more information on the SoakSoak massive malware outbreak resulting from this vulnerability: RevSlider Vulnerability Leads To Massive WordPress SoakSoak Compromise by Daniel Cid…
Quick Analysis of a DDoS Attack Using SSDP
Rodrigo Montoro Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the…
My WordPress Website Was Hacked
Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly…
Security Advisory – Akeeba Backup for Joomla!
We have also released a more recent post exploring this vulnerability further: The Details Behind the Akeeba Backup Vulnerability If you’re a user of the…
Thoughts on WordPress Security and Vulnerabilities
As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks specifically…