Yesterday, WooCommerce released an urgent announcement encouraging users to update because of a serious vulnerability. They don’t get into the details, but for us it’s imperative to understand what they are patching so that we can virtually patch at the edge via the NOC Web Application Firewall (WAF). Especially when it comes to a platform like […]
Category: WordPress Security
Securing WordPress in The Enterprise
Approaching a web application's security is as much about mindset as it is about the tools and configurations you deploy. It’s why security professionals always talk about people > process > technology. Unfortunately, in almost every incident response engagement the first two components, people and process, are nonexistent. I blame a lot of this […]
WordPress Security: Active Attacks Against BackupBuddy Plugin Vulnerability
On September 6th, 2022, iThemes released a security advisory on their BackupBuddy plugin. As a global network, we’re able to actively monitor attacks in the wild as they hit our network. This article shares what we’re seeing. The BackupBuddy Plugin Vulnerability: The iThemes article doesn’t go into detail about the vulnerability, but describes it as […]
Analyzing 17,000 Spam Links on a Hacked WordPress Site
We have been analyzing how bad actors attack WordPress, and what they do after they take control of a website. In our most recent article we watched as they modified a functions file for the active theme and injected it with 17,000 SEO links. This article dives into those 17,000 links to see what they are and […]
WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent
On June 1st, Automattic’s JetPack plugin released an update to patch an exploitable vulnerability. The vulnerability was found in their Carousel feature. The release invites plugin users to update their version. It warns that, while it’s not known to be actively exploited, it could be now that it’s been released. One thing it fails to […]
How the JSON API and XMLRPC are used for Brute Force Attacks Against WordPress
WordPress is the most popular Content Management System (CMS), and because of its popularity it is also the most attacked. One of the most common attacks is brute forcing, i.e., repeatedly guessing the password of a user on the site (from the attacker's point of view, hopefully the administrator). Every […]
WordPress 5.8.3 Security Release
Some nice finds in today’s 5.8.3 release for WordPress. Be sure to update. Props to all the contributors for responsibly disclosing. Security Updates: Four security issues affect WordPress versions between 3.7 and 5.8. If you haven’t yet updated to 5.8, all WordPress versions since 3.7 have also been updated to fix the following security issue (except […]