Security

• 

  Liked by 2 readers

  Web sites compromised with Fake AV campaign (Windows Web Secure Kit)

  15th May 2012 18:41

  “To help protect your computer, Windows Web Secure Kit have detected trojans and is ready to remove them”. We are seeing lately many WordPress sites compromised with a malware redirecting users to the “Windows Web Secure Kit” fake/rogue anti virus. So if you … Read more

• 

  Liked by 2 readers

  Official WordPress Plugin Directory – Forcing Plugin Updates

  11th May 2012 19:52

  For some while we have wondered what happens when a plugin is removed from the official WordPress plugin directory for security reasons. Historically, we haven’t seen much of anything happen – no notification to users, no official blog post, nothing … Read more

• 

  Liked by 3 readers

  Blog Comments – Analysing 100,000 comments (and spammers)

  11th May 2012 15:31

  “Nice blog, thanks for the info” “Awesome site. Great job” “You should take part in a contest for one of the best blogs on the web. I will recommend this site!” I know you like flattery comments on your site. … Read more

• 

  Liked by 1 readers

  Wpstats.org Spam (and a fake Advanced Search plugin)

  9th May 2012 15:12

  If you are seeing hidden links in your WordPress site, it could be coming from wpstats.org. On some blackhat spam cases we are analysing, the following code was added to the theme header of the compromised site: if(function_exists(‘curl_init’)) { $url … Read more

• 

  Liked by 3 readers

  Sucuri WordPress Security Plugin Protects Against PHP-CGI Vulnerability

  9th May 2012 00:14

  Today we released an update on the latest PHP CGI vulnerability and provided some additional information that users can use to help protect against it. Guidance includes updating your .htaccess file with the following: RewriteEngine on RewriteCond %{QUERY_STRING} ^[^=]*$ RewriteCond … Read more

• 

  Liked by 1 readers

  PHP-CGI Vulnerability exploited in the wild

  8th May 2012 15:06

  When the PHP-CGI vulnerability was disclosed, we knew it would be just a matter of days before it started to be exploited in the wild. Well, it didn’t take long. Since the weekend, we started to see scanners looking for … Read more

• 

  Liked by 2 readers

  April/2012 Malware Analysis

  1st May 2012 16:21

  When we see a compromised site distributing malware, it is often done via 4 methods: Iframe, Javascript, Spam or internal redirections. Those are not the only ways, and they can be encoded or hidden differently internally on the sites, but … Read more

• 

  Liked by 1 readers

  New WooThemes Vulnerability Patched – Update Framework Now!

  29th April 2012 18:23

  Yesterday a vulnerability on the WooThemes Framework was disclosed by Jason Gill on githumb:gist. The vulnerability allows a visitor to see and run the output of any shortcode configured on the WordPress site. At this time this does not appear to … Read more

• 

  Liked by 2 readers

  Ransomware Malware on the Web?

  28th April 2012 18:55

  As the week comes to a close I wanted to take a minute to talk about something we haven’t yet – Ransomware Malware. The idea came from a case this week where a client was defaced. Instead of engaging the … Read more

• 

  Liked by 3 readers

  Lockdown WordPress – A Security Webinar with Dre Armeda

  26th April 2012 21:55

  We had the opportunity to do a webinar about WordPress security with the guys from iThemes yesterday. Here’s the video for those of you who missed out on the fun: Dre Armeda from Sucuri Security presented on various WordPress related … Read more