http://feedproxy.google.com/~r/sucuri/blog/~3/7CWjK9uypZA/trojan-spyware-and-bec-attacks.html
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to authorize a fraudulent transaction to bypass existing security controls that would normally be used to prevent fraud. Another reason is that social engineering lures may be expertly crafted by the attacker after they have been monitoring a victim’s activity for some time, resulting in more effective phishing campaigns with serious security implications. Continue reading Trojan Spyware and BEC Attacks at Sucuri Blog.The Month in WordPress: February 2021
https://wordpress.org/news/2021/03/the-month-in-wordpress-february-2021/
You don’t have to be rich to have an online presence. You don’t have to find loopholes in proprietary platforms and hope that they never change their terms of service. You own all of the content that you create on a WordPress site and have the liberty to move it to a new host if you need to, or switch your theme if it fits your mood. That was Josepha Haden Chomphosy on WordPress is Free(dom) episode of the WP Briefing Podcast, speaking about the four freedoms of open-source software. Those four freedoms are core to how WordPress is developed. […]WordPress Vulnerability Roundup: March 2021, Part 1
https://ithemes.com/wordpress-vulnerability-roundup-march-2021-part-1/
New WordPress plugin and theme vulnerabilities were disclosed during the first week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the March, Part 1 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin Vulnerabilities […]Medium Severity Vulnerability Patched in User Profile Picture Plugin
WordPress 5.7 Release Candidate 2
https://wordpress.org/news/2021/03/wordpress-5-7-release-candidate-2/
The second release candidate for WordPress 5.7 is now available! You can test the WordPress 5.7 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “Bleeding edge” channel and Beta/RC Only” stream options) Or download the release candidate here (zip). Thank you to all of the contributors who tested the Beta/RC releases and gave feedback. Testing for bugs is a critical part of polishing every release and a great way to contribute to WordPress. Plugin and Theme Developers Please test your plugins and themes against WordPress 5.7 and update the Tested up to version in the readme file to 5.7. If you […]WordPress Plugin: Disable WP Robots
Episode 106: Admin Password Resets, Blockchain Botnets and a Central Management RCE
SQL Triggers in Website Backdoors
http://feedproxy.google.com/~r/sucuri/blog/~3/YO_WM-0196E/sql-triggers-in-website-backdoors.html
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition is met. What makes this especially problematic for website owners is that most malware cleanup guides focus on the website files and data within specific database tables — for example, wp_users, wp_options, and wp_posts. Continue reading SQL Triggers in Website Backdoors at Sucuri Blog.Did You Know About Reusable Blocks?
https://wordpress.org/news/2021/02/gutenberg-tutorial-reusable-blocks/
Created by Joen Asmussen, @joen The WordPress block editor (a.k.a. Gutenberg) comes with a feature called “reusable blocks.” They are blocks, saved for later, edited in one place. Have you ever wanted to: Re-use the same snippet of text across posts and pages? Save complex layouts to spare you having to copy/paste from one post to another? Reusable blocks can do these things. Like templates, you mean? Not quite. Think of reusable blocks as snippets of globally synchronized content that are personal to you. You can edit all your reusable blocks in one place, and any post or page you […]WordPress Maintenance Release — 5.6.2
https://pagely.com/blog/wordpress-maintenance-release-5-6-2/
Pagely customers were spared issues from bugs introduced in the 5.6.1 release. All our customers without version hold are being upgraded over these next two days, the vast majority are […]