WordPress - Security Intelligence

Two security professionals discussing a Shade ransomware infection

news

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.

April 3, 2019 | By Shane Schick

news

Website administrators collaborating in a modern office: WordPress exploit

news

WordPress Exploit in GDPR Plugin Puts 100,000 Websites at Risk

Researchers discovered a WordPress Exploit in a plugin designed to help site owners comply with the GDPR that enables attackers to take control of admin accounts.

November 20, 2018 | By Shane Schick

news

New WordPress Phishing Campaigns Target User Credentials

Newly discovered phishing campaigns are targeting WordPress users with malicious emails designed to steal user credentials.

September 10, 2018 | By Douglas Bonderud

news

A small business owner using a laptop in a flower shop.

news

Websites Were Attacked 44 Times a Day in Q4 2017, Small Business Cybersecurity Report Reveals

A recent study suggested that small business cybersecurity threats are on the rise, as evidenced by the fact that the average small business website sustained 44 attacks per day during Q4 2017.

March 23, 2018 | By Shane Schick

news

A blogging platform displayed on a computer screen.

news

WordPress Issues Security Patch to Mitigate SQL Injection

With its latest update, WordPress patched a vulnerability that could enable malicious plugin and theme developers to execute SQL injection attacks.

November 2, 2017 | By Larry Loeb

news

Display Widgets Plug-In Conducted Malware Attack Across 200,000 WordPress Sites

Approximately 200,000 websites running WordPress have been affected by a malware attack that used the Display Widgets plug-in to collect IP addresses.

September 15, 2017 | By Shane Schick

news

A long hallway in a computer-server room.

news

WordPress Sites at Risk From PHP Code Execution

New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.

July 18, 2017 | By Mark Samuels

news

A blogger entering text into a content management system on a latop.

article

Relying on Data to Mitigate the Risk of WordPress Website Hijacking

To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.

May 30, 2017 | By Mark Usher

article

A hand taking a cookie from a glass jar.

news

Phony WordPress Domain Steals Cookies to Fool Web Admins

Cybercriminals have been stealing cookies and using a fraudulent WordPress API to impersonate users and take control of victims' browsing sessions.

May 15, 2017 | By Shane Schick

news

A programmer entering code into a desktop computer.

news

PHP Will Incorporate Libsodium for Crypto

Starting with the release of version 7.2 at the end of this year, the core of PHP will use Libsodium by default for routine cryptographical operations.

February 22, 2017 | By Larry Loeb

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: WordPress

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

WordPress Exploit in GDPR Plugin Puts 100,000 Websites at Risk

New WordPress Phishing Campaigns Target User Credentials

Websites Were Attacked 44 Times a Day in Q4 2017, Small Business Cybersecurity Report Reveals

WordPress Issues Security Patch to Mitigate SQL Injection

Display Widgets Plug-In Conducted Malware Attack Across 200,000 WordPress Sites

WordPress Sites at Risk From PHP Code Execution

Relying on Data to Mitigate the Risk of WordPress Website Hijacking

Phony WordPress Domain Steals Cookies to Fool Web Admins

PHP Will Incorporate Libsodium for Crypto