Maintenance
How Malware Gets On Your Website
Almost since the Internet’s inception malware infections have kept pace to be the biggest nuisance a site owner experiences. With an ever growing amount of sites making up the World Wide Web, malware infections only become more common. In this article we’ll discuss what malware is, the various types we’ve come across, the methods used […]
Read More
E-commerce Website Security Strategy for Holiday Shopping Season
As shopping season approaches once again, we’d like to give you some helpful advice when it comes to managing an e-commerce site, and how to avoid being the target of an attack. Due to the pandemic, more people are spending their time shopping for gifts online than ever before. Global e-commerce sales are projected to […]
Read More
1.6 Million WordPress Sites Hit With 13.7 Million Attacks In 36 Hours From 16,000 IPs
Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks targeting vulnerabilities that make it possible for attackers to update arbitrary options on vulnerable sites. This led us into an investigation which uncovered an active attack targeting over a million WordPress sites. Over the past 36 hours, the Wordfence network […]
Read More
GoDaddy Data Breach 2021: What Happened and How It Affects You
GoDaddy, one of the biggest web hosts, discovered a data breach on November 17th, 2021. The WordPress community has been discussing the Godaddy data breach implications because the primary target of the security breach was GoDaddy’s Managed WordPress customers. The trouble with this sort of news is that there is always a lot of noise […]
Read More
PHP Re-Infectors – The Malware that Keeps On Giving
We all know why bad actors infect sites: monetary gain, boosts in SEO ratings for their malware or spam campaigns and a number of other reasons explained in our post on hacker’s motivations. It defeats the purpose of the attack if the malware is easily and quickly removed. Attackers have developed some methods for protecting […]
Read More
Authentication Bypass Vulnerability Patched in User Registration Plugin
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On September 16, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “RegistrationMagic – Custom Registration Forms, User Registration and User Login”, a WordPress plugin […]
Read More
WooCommerce Credit Card Swiper Injected Into Random Plugin Files
It’s that time of year again! While website owners always need to be on guard, the holidays season is when online scams and credit card theft are most rampant. Administrators of ecommerce websites need to be extra vigilant as this case will demonstrate. This story starts much the same as many others that we discuss […]
Read More
Is My Site Hacked? 4 Gut Checks
The consequences of a hacked site have wide-ranging financial repercussions that extend beyond the cost of cleaning the site. Drop-offs can be anticipated for new sales from prospects spooked by “not secure” url warning labels. The same downward turn can be expected for customer retention once the news of a hack shakes consumer confidence in […]
Read More
Bluehost Account Suspended? Here’s How You Can Fix it
If your Bluehost website shows a “This account has been suspended” message, your site has been taken offline by Bluehost. This effectively means that neither you nor your visitors can reach your website and until you can fix the Bluehost account suspended issue, it will remain offline. While it is a situation that can rightly […]
Read More