Posts categorized as 'WordPress'

WordPress Security: BackupBuddy Plugin Vulnerability Active Exploit Attempts

This articles reports on active exploit attempts targeting the BackupBuddy plugin vulnerability.

Posted in Security_Research   WordPress     /   2022-09-09

Navigating 81 Layers of Encoding to Reveal the C&C

This articles decodes a pice of malware that leads us to the attackers C&C.

Posted in Security_Research   WordPress     /   2022-08-25

Hijacking a Websites SERP Results with SEO SPAM

This articles how hackers hijack a websites SERPs with SEO SPAM links.

Posted in Security_Research   WordPress     /   2022-08-25

Analyzed 17,000 Spam Links on a Hacked WordPress Sites

This articles explores 17,000 spam links on a hacked WordPress website.

Posted in Security_Research   WordPress     /   2022-08-25

What Hackers Do with WordPress in 2022 - Post Hack Analysis

This articles explains what hackers do with WordPress once they successfully hack a website.

Posted in Security_Research   WordPress     /   2022-08-25

How the WordPress Gets Hacked in 2022 - Initial Reconnaissance

This articles explains how the WordPress JSON API and XMLRPC can be used to attack WordPress website using Brute Force techniques.

Posted in Security_Research   WordPress     /   2022-08-25

PHP-FPM Pool Setup: WordPress Requires FTP/SFTP User After Successful Configuration

This article describes how to troubleshoot errors with PHP-FPM, specifically with WordPress requiring FTP / SFTP.

Posted in Troubleshooting   WordPress   PHP-FPM     /   2022-06-17

Removing Index.php From the URL Slug in WordPress

This article explains how to reset the root password in MySQL when it is empty.

Posted in Application_Tips   Troubleshooting   WordPress     /   2022-06-16

WordPress 5.8.3 Security Release

This articles provides a PSA for the WordPress 5.8.3 security release.

Posted in PSA   WordPress   Security   WAF     /   2022-06-13

The Most Effective Security Control for Open Source Admin Panels Never Used

This articles explains why it is important to block administrative panels on platforms like WordPress.

Posted in WordPress   Joomla   Access   Security   WAF     /   2022-06-13

Securing WordPress in The Enterprise

This articles provides a guide on how to harden WordPress to keep hackers out of the website.

Posted in WordPress   Security   Enterprise     /   2022-06-10

WordPress Forced Updates vs Auto-Updates and Abusing User Defined Intent

This articles talks about forcing updates in the WordPress platform, and provides opinions on how that effects user defined intent.

Posted in WordPress   Security     /   2022-06-10

Automated Attacks Against WordPress Target Old Vulnerabilities

This article shows how attacks against WordPress are mostly automated.

Posted in Research   Security   WAF   WordPress     /   2022-06-10

Improve Your Websites Speed and Security