News
GoDaddy Breached – Plaintext Passwords – 1.2M Affected
There is an update available here: GoDaddy Breach Widens to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe This morning, GoDaddy disclosed that an unknown attacker had gained unauthorized access to the system used to provision the company’s Managed WordPress sites, impacting up to 1.2 million of their WordPress customers. Note that this […]
Read More
7 Audacious Hacks & What We Can Learn From Them …
While stressful and costly to the victim, hacks can also be an opportunity for onlookers to learn how to prevent getting breached. Hacks create an opportunity to think creatively about company and personal security and a challenge to meet today’s evolving threatscape. This article will look at how major reputable companies fell to small mistakes. […]
Read More
An Overview of Website Reinfection Vectors
The website security landscape is as complicated as it is treacherous. We often deal with clients who become reinfected over and over again. Once the attackers establish a foothold in an environment and recognize that a website is vulnerable, you can guarantee that they will be back to try to reinfect the website. Our website […]
Read More
What is a Website Backdoor?
What is a Backdoor? A backdoor provides a shortcut for authorized or unauthorized users to gain access to an unauthorized location of a website, software, or system. There are many different ways to categorize backdoors, but they are usually not in plain sight and are intentionally difficult to detect. Legitimate vs. Illegitimate Backdoors Developer’s backdoor […]
Read More
WooCommerce Extension – Reflected XSS Vulnerability
Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On November 1, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Preview E-mails for WooCommerce”, a WordPress plugin that is an extension for WooCommerce, […]
Read More
Jetpack vs iThemes: Which is Better Security for Your WordPress Website?
Jetpack is built by Automattic, the OG WordPress developer, so it is a popular choice and comes up a lot in recommendations. It also has a lot of other features for website administration built into the premium plans, so having everything on one dashboard is an attractive proposition. iThemes talks a great game on their […]
Read More
How To Fix ‘The Site Ahead Contains Malware’ Error On A WordPress Site?
If you have noticed a big red warning sign on your WordPress site that says ‘The Site Ahead Contains Malware,’ your website is infected with malware or has been hacked. What’s worse? Google has identified the malware and blacklisted your WordPress site. But before you panic, let us assure you, we can help you fix […]
Read More
What to Do When SiteGround Suspends Your Site?
Trying to visit your Siteground hosted website, and all you can see is a notice that says, “This account has been suspended”? Your website has been suspended by the SiteGround web host, and your site has been taken offline. Web hosts like Siteground suspend accounts for a variety of reasons such as malware infection, payment […]
Read More
Fake Ransomware Infection Spooks Website Owners
Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND 0.1 BITCOIN” were sitting at 6 last week and increased to 291 at the time of writing this. Upon visiting their website webmasters have been met with an alarming message: SITE ENCRYPTED […]
Read More