Category: SiteLock Research Page 3 of 5

Turkish SEO spam

Analysis Of An SEO Spam Campaign

Search engine spam, more frequently known as SEO spam, is a technique used to manipulate rankings in a way that is not allowed by search engine terms of service.

This week we’ll take a look at an interesting SEO spam campaign that recently came across the SiteLock research desk. Turkish escorts are apparently big business and we had the opportunity to dig a bit into the makings of a malicious Turkish escort spam campaign.

Read More

WordPress security

The Potential Dangers Of WordPress Multisite

Many individual and small company forays on the web are through WordPress on shared hosting accounts, and it’s not uncommon for a shared hosting account to hold multiple WordPress sites as needs and business grow. Site owners maintain each and every WordPress install, managing content, configuration, users and updates. At least they should. Maintaining multiple sites in a single shared hosting account is time-consuming and, as we’ll see, risky as each site on the account is a point of access that has to be secured.

Visit wpdistrict.sitelock.com for the full story.

Firefox security issue

Can Firefox Security Be Trusted?

I love Firefox. I’ve used it since it was Firebird, if not Phoenix, and it’s my main browser on every device. I value Mozilla’s dedication to an open, secure, and private internet, and because of that, I recommend Firefox to friends and family. That’s why two recent Firefox developments have me concerned. This week we’ll discuss a troubling statement about the state of Firefox security, the sunsetting of the use of SHA-1 in SSL certificates and Firefox’s recent exception to that, and whether Firefox is still a secure browsing option.

Read More

Website backups

The Case For Website Backups

File backups are essential to the security of any site. With regular, tested website backups, you can recover your site easily from any of the following issues:

  • hardware failures
  • accidental deletions
  • defacements
  • ransomware

They can also be problematic. This week we’ll discuss why website backups are essential, and then reveal how faulty backup security can harm a site and how to prevent that from happening.

Read More

WordPress security

Speeding Up Your WordPress Site

 

CDNs are great for WordPress sites because much of the post content is static and can easily be cached and served by a CDN. With visitors receiving cached content from the closest CDN data center, origin server load decreases, allowing sites to load faster for site visitors. At the same time, serving a site from multiple data centers makes the origin server more robust. A fortuitous spike in traffic won’t take a site down as the data centers handle the increased load.

Visit wpdistrict.sitelock.com for the full story.

IoT security needed

Does Your Coffee Maker Need IoT Security?

There’s no bigger buzzword in the security world now than the ‘Internet of Things.’ The Internet of Things, or IoT, is the connectedness of everyday devices and sensors to allow the quantification and control of systems. Video doorbells alert wayward homeowners of visitors. Bluetooth fobs connect car keys to smartphones. Thermostats track heating and cooling preferences to select a tailored temperature for a homeowner.  Unfortunately, the design complexity of a previously unconnected device now given intelligence and network access can lead to unforeseen issues and real-world consequences. Therefore, IoT security must be a consideration and, ideally, a foundational characteristic in their design.

Read More

how to prevent security breaches

Authentication Failure in File Browser, Manager, Backup (+ Database) WordPress Plugin

While reviewing malware, the SiteLock Research Team detected suspicious code in a WordPress plugin. We reviewed the suspicious code and found the plugin wasn’t malicious per se, though it was potentially vulnerable to attack. We will discuss the plugin and analyze its unique authentication issues, and then discuss mitigation and the dangers of using unsupported plugins.

Visit wpdistrict.sitelock.com for the full story.

WordPress security

A Brief Survey of Fake WordPress Plugins

In the latest article from the SiteLock research team, we’ll discuss how fake plugins get on to WordPress sites, analyze a well known fake plugin to provide a sense of what they can do, look at a non-exhaustive list of fake plugins and a couple of interesting features, and discuss ways to avoid being victimized by fake plugins.

Read the full story at our WordPress-focused site, wpdistrict.sitelock.com.

WordPress security

My Hacked WordPress Site Was Fixed, Now What?

The unfortunate happens and your WordPress site is compromised. You recover from the hack through backups or SiteLock’s malware removal service, yet you still feel at unease.

The truth is, once a WordPress site recovers from a compromise, there’s a bit more to do. Learn about simple post-compromise steps that can help harden your site from future attacks.

Learn more at wpdistrict.sitelock.com.

Defaced by AnonGhost

Don’t Panic: Website Defacements from 2015

Bad actors have attacked websites since the beginning of the internet. They have many reasons for taking over websites — money, infamy, politics, curiosity — though nothing grabs attention more than the visual defacement of a site. Website defacement occurs when a bad actor gains access to the site files, and replaces the index or home page with their own page.  We’ve seen many of these over the last year, but what are the real consequences for the sites that are defaced? We’ll discuss the effects of a defacement on a website, and the reasons why they happen.  We will also outline what you should know about defacements and how to secure your site against them.

What Is A Website Defacement?

AnonGhost website defacement

Read More

Page 3 of 5

Powered by WordPress & Theme by Anders Norén