Website File Changes Monitor 1.7.1: improved UX & other minor improvements

Today we are happy to announce the release of Website File Changes Monitor 1.7.1. This is a minor but must-install followup to update 1.7.0. In this update we have improved several aspects of the plugin’s user experience (UX) and also addressed a few issues reported in update 1.7.0. Below is a highlight of what is new and improved in the latest update of our file integrity monitoring WordPress plugin: Less icons & more automation In the last update of the plugin we have introduced the new WordPress core repository check. This is used to compare your website’s WordPress core files […]

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our investigation revealed was that attackers were leveraging PIX, a new payment method created by the Brazilian Central Bank. Features & Context for PIX PIX was created and introduced to replace Brazil’s old and deprecated transfer methods TED and DOC. PIX’s new functionalities made it significantly cheaper and faster for transactions to be completed, allowing transfers to be conducted any time of the day, including weekends — functionality not available in […]

Hacking WordPress websites & stealing WordPress passwords

A detailed explanation of how attackers use Man-in-the-Middle (MitM) to hack WordPress websites and login credentials. This article is for educational purposes only. Like any other web application with a login form, WordPress submits your username and password in an HTTP request when logging in. By default, HTTP is not an encrypted protocol. That means that unless your WordPress website is using HTTPS, the communication between you and the web server is susceptible to eavesdropping. Hackers with malicious intent can easily intercept and modify your WordPress website’s cleartext (un-encrypted) HTTP traffic. Naturally, one of the most interesting pieces of information […]

Unauthenticated Remote Code Execution in e-signature plugin

During a recent audit we discovered an unauthenticated remote code execution in the plugin e-signature. All versions less than are vulnerable. Disclosure / Response Timeline January 7, 2021: Initial […]

WordPress Vulnerability Roundup: January 2021, Part 1

New WordPress plugin and theme vulnerabilities were disclosed during the first half of January. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. In the January, Part 1 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin Vulnerabilities 1. LiteSpeed Cache – Low LiteSpeed Cache versions […]

WordPress Security Updates: December 2020

This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]

Website Security in The New Year 2021 – Are You A Cat Herder?

Jim Walker Free Consultation by Phone We Fix Hacked Websites Fast (619) 479-6637. As we all head into the new year, if you implement the below strategies you’ll greatly reduce the likelihood your account will be compromised in 2021. 1. Segregation* 2. Monitoring 3. Regular updates 4. Backups If you choose to not segregate your WordPress installations to separate accounts the risk your hosting account will be compromised Read More The post Website Security in The New Year 2021 – Are You A Cat Herder? appeared first on Free Consultation by Phone We Fix Hacked Websites Fast (619) 479-6637.

Obfuscation Techniques in Ransomweb “Ransomware”

As vital assets for many business operations, websites and their hosting servers are often the target of ransomware attacks — and if they get taken offline, this can cause major issues for a business’ data, revenue, and ultimately reputation. The worst part about ransomware is that it encrypts data and removes the original encrypted copies. This means if victims don’t have backups of their files and databases, there may not be any way to recover the kidnapped data without paying the ransom. Continue reading Obfuscation Techniques in Ransomweb “Ransomware” at Sucuri Blog.

Multiple Vulnerabilities Patched in Orbit Fox by ThemeIsle Plugin

On November 19, 2020, our Threat Intelligence team responsibly disclosed two vulnerabilities in Orbit Fox by ThemeIsle, a WordPress plugin used by over 400,000 sites. One of these flaws made it possible for attackers with contributor level access or above to escalate their privileges to those of an administrator and potentially take over a WordPress site. The other flaw made it possible for attackers with contributor or author level access to inject potentially malicious JavaScript into posts. These types of malicious scripts can be used to redirect visitors to malvertising sites or create new administrative users, amongst many other actions. […]

Admin Notices Manager 1.1: choose which admin notices you see & which not

We can all agree that 2020 was a difficult year. That’s why we are excited to start 2021 with our very first update of the Admin Notices Manager plugin. In this update we added the ability to choose which type of admin notices to show as normal on the WordPress dashboard, in the plugin pop-up, or choose to hide them completely. Additionally, we added an option to capture admin notices with custom type. Now let’s dive right in and see all the new features and improvements in update 1.1 of the Admin Notices Manager plugin. Choose how & where the […]