What could go wrong SECURITY wise? Security wise, this gets ugly fast and it’s painful. When your security is breached you lose immediately what you had. You lose files, data, sensitive and internal information. From the public view, your reputation gets a hit, your natural ranking is penalized, your customers…
Nothing online is 100% secure and your WordPress is no exception to this rule. Since WordPress is powering at least a quarter of all websites worldwide, the platform is naturally an irresistible target for many attacks over the years. In this post – Never let your WP become an attack…
A year ago, when DROWN hit the news (read more here: SSL vulnerability affects 33% of the web) it was covered everywhere. All websites talked about. We talked about. Our customers did not understand and they were not scared. We ran at that time a FREE check campaign to see…
What is an attack vector? An attack vector is a path or means by which a hacker gains access to your server or WordPress (or both) to execute a malicious payload. Attack vectors enable hackers to exploit system vulnerabilities, including the human element. Why the WordPress attack vector is so…
name: WordPress REST API Vulnerability officially announced: FEBRUARY 1, 2017 Security Risk: Severe Exploitation Level: Easy/Remote DREAD Score: 9/10 Vulnerability: Privilege Escalation + Content Injection Patched Version: WordPress 4.7.2 what: This privilege escalation vulnerability affects the WordPress REST API that was recently added and enabled by default on WordPress 4.7.0….
Infected code is loaded onto computers from the internet via the web browser, often unknown to the user, when they visit an infected website. These malware programs change browser settings, alter system files and create new default webpages. Typically, malware collects personal information or renders computer unusable. Several malware programs…
name: DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) officially announced: March 2016 what: DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the…
WordPress sites are notoriously lacking when it comes to security. Be it due to an insufficient security expertise of the developer, or the use of one of the many FREE plugins available (of which the security cannot be guaranteed). With WordPress running on 1 in 5 sites on the internet,…
