How to Fix “Not Secure” Warnings and SSL Issues in WordPress (8 Steps)
Puja Srivastava If you own a WordPress website and ever encountered the “Not Secure” warning, you might have worried that visitors would perceive your site as spam…
Password Security & Password Managers
Rianna MacLeod In the spirit of National Cyber Security Awareness Month (NCSAM), let’s talk about a security basic that many people overlook: passwords. These are one of…
How to Secure the WordPress Login Page
Given that WordPress powers millions of websites worldwide, it’s no surprise that it’s a prime target for malicious activities ranging from brute force attacks and…
What is the Principle of Least Privilege?
If you own a website and collaborate with other people, the Principle of Least Privilege (PoLP) is a crucial security concept which has applications and…
How to Find, Change & Protect the WordPress Login URL: A Beginner’s Guide
If you’ve recently launched a WordPress website, you might be asking, “How do I log in to WordPress?” or “Where is my WordPress login located?”…
How to Find & Fix the WordPress Pharma Hack
Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just…
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Denis Sinegubko Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Shifting Malware Tactics & Use of Non-Executable .txt & .log Files
Krasimir Konov The malware landscape is constantly evolving — and bad actors are always devising new techniques to evade detection. Our analysts most commonly find website malware…
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Thousands of Sites with Popup Builder Compromised by Balada Injector
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
Input Validation for Web Forms & Website Security
Web forms are incredibly useful tools. They allow you to gather important information about potential clients and site visitors, collect comments and feedback, upload files,…