Website Security News
During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by the attackers in these backdoors illustrates the ever-changing landscape of website security and highlights some…
Recently we have been seeing a rash of WordPress website compromises with attackers abusing the plugin upload functionality in the wp-admin dashboard to redirect visitors and website owners to malicious…
When it comes to the ABCs of website security server side scans and file integrity monitoring are the “A” and “B”. In fact, our server side scanner is one of…
Read More about Server Side Scans and File Integrity Monitoring
Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these…
In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques…
The responsibility of ensuring that a website is protected falls on the website owner, but the security expectation may fall on the web service provider too. As a professional, you…
Read More about Opening the Conversation about Website Security
Not all SSL configurations on websites are equal, and a growing number push for HTTPS everywhere. There is an increasing demand to check and quantify that little padlock in your…
Website malware is no joke. Our own research shows that with WordPress, by far today’s most common content management system (CMS), new infections are on the rise. Even with security…
Read More about 5 Malware & Virus Scanning Tools You Need to Check Out
Even the most diligent site owners should consider when they had their last website security check. As our own research indicates, infections of the most popular content management systems (CMS)…
In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question. What Makes WordPress Vulnerable? “Here’s the simple answer….
Read More about How to Audit & Cleanup WordPress Plugins & Themes
Why Should You Audit Your Website for Security? Most hacks and cyber attacks happen because of poor security practices. The first step you can take to improve your online security…
Read More about How to Perform a Website Security Audit ( with Checklist)
