Category: SiteLock Research Page 4 of 6

WordPress security

Speeding Up Your WordPress Site

 

CDNs are great for WordPress sites because much of the post content is static and can easily be cached and served by a CDN. With visitors receiving cached content from the closest CDN data center, origin server load decreases, allowing sites to load faster for site visitors. At the same time, serving a site from multiple data centers makes the origin server more robust. A fortuitous spike in traffic won’t take a site down as the data centers handle the increased load.

Visit wpdistrict.sitelock.com for the full story.

IoT security needed

Does Your Coffee Maker Need IoT Security?

There’s no bigger buzzword in the security world now than the ‘Internet of Things.’ The Internet of Things, or IoT, is the connectedness of everyday devices and sensors to allow the quantification and control of systems. Video doorbells alert wayward homeowners of visitors. Bluetooth fobs connect car keys to smartphones. Thermostats track heating and cooling preferences to select a tailored temperature for a homeowner.  Unfortunately, the design complexity of a previously unconnected device now given intelligence and network access can lead to unforeseen issues and real-world consequences. Therefore, IoT security must be a consideration and, ideally, a foundational characteristic in their design.

Read More

how to prevent security breaches

Authentication Failure in File Browser, Manager, Backup (+ Database) WordPress Plugin

While reviewing malware, the SiteLock Research Team detected suspicious code in a WordPress plugin. We reviewed the suspicious code and found the plugin wasn’t malicious per se, though it was potentially vulnerable to attack. We will discuss the plugin and analyze its unique authentication issues, and then discuss mitigation and the dangers of using unsupported plugins.

Visit wpdistrict.sitelock.com for the full story.

WordPress security

A Brief Survey of Fake WordPress Plugins

In the latest article from the SiteLock research team, we’ll discuss how fake plugins get on to WordPress sites, analyze a well known fake plugin to provide a sense of what they can do, look at a non-exhaustive list of fake plugins and a couple of interesting features, and discuss ways to avoid being victimized by fake plugins.

Read the full story at our WordPress-focused site, wpdistrict.sitelock.com.

WordPress security

My Hacked WordPress Site Was Fixed, Now What?

The unfortunate happens and your WordPress site is compromised. You recover from the hack through backups or SiteLock’s malware removal service, yet you still feel at unease.

The truth is, once a WordPress site recovers from a compromise, there’s a bit more to do. Learn about simple post-compromise steps that can help harden your site from future attacks.

Learn more at wpdistrict.sitelock.com.

Defaced by AnonGhost

Don’t Panic: Website Defacements from 2015

Bad actors have attacked websites since the beginning of the internet. They have many reasons for taking over websites — money, infamy, politics, curiosity — though nothing grabs attention more than the visual defacement of a site. Website defacement occurs when a bad actor gains access to the site files, and replaces the index or home page with their own page.  We’ve seen many of these over the last year, but what are the real consequences for the sites that are defaced? We’ll discuss the effects of a defacement on a website, and the reasons why they happen.  We will also outline what you should know about defacements and how to secure your site against them.

What Is A Website Defacement?

AnonGhost website defacement

Read More

Adobe Flash player

Moving On From Adobe Flash

With any web technology there comes a time to move on to the next level. Adobe Flash is notoriously insecure, resource intensive, and poorly supported on mobile devices. The process for phasing out Flash has been underway for some time, and now may be an advantageous time for developers and end users to move on from Adobe’s long-time media platform.

This week we’ll discuss:

  • The reasons you may want to move on from Adobe Flash
  • What alternatives exist and their advantages
  • What you can do specifically as an end user and site owner

Read More

SiteLock Website Security

It’s a Holiday Security Breach Blowout

This week we have a personal story for our readers. It’s a heartwarming tale of multiple mass data compromises, which affected yours truly. We’ll also discuss how major data breaches occur, and what you can do to protect yourself in the Age of the Large Data Breach.

Read More

Malicious WordPress plugin site

Malicious WordPress Plugin Adsense High CPC

While scanning website files, SiteLock SMART flagged three particular files as suspicious.  Inspection of the files by the SiteLock research team ultimately determined that a malicious WordPress plugin was being actively hosted, used by unsuspecting site owners, and spread via YouTube.

In the following article, we will:

  • detail the malware contained in the malicious plugin
  • reveal the relationships between the malicious plugin and other websites
  • discuss mitigation for sites using the plugin and how to avoid such situations

Read More

Security

What Is Security?

First, let’s tell you what security is not. Security is not safety.

Security is on everyone’s mind at this festive time of year. As more and more consumers move their shopping online, e-commerce security and the security of personal information naturally comes to the forefront. But what is security?

It’s a large and nebulous topic to which entire areas of study are dedicated, and the average website owner can’t be expected to be an expert, let alone a consumer. That’s why we’re taking this opportunity to answer this question and hopefully provide a foundation of understanding to help all site owners and consumers better assess their security needs.

Read More

Page 4 of 6

Powered by WordPress & Theme by Anders Norén