Considering the amount of malicious activity that takes place on the internet, it's no surprise that successful attacks on WordPress sites are launched across a wide variety of vectors. Whether outdated plugin code is to blame, or password reuse, or any number of other security flaws, no site owner sets out to introduce a vulnerability into their environment. Ultimately any security issue begins with a mistake, and while mistakes are forgivable there's still risk involved if they're not discovered and remedied....read more
Last week's article covering the decision to distrust Symantec-issued TLS certificates generated a great response from our readers. One common question we received, and one that pops up just about any time SSL/TLS comes up, is how to determine when a site does and does not need such a certificate. Spoiler: Your site should probably have a TLS certificate....read more
In an advisory published yesterday, Mozilla disclosed the presence of nine security flaws in Firefox 61 which have been patched in the latest release of the browser. Some of the bugs are severe, but at this time do not appear to be receiving attacks in the wild. To protect yourself as a Firefox user, ensure that you have updated Firefox to the latest version as soon as possible. To do this, click the 'Firefox' menu and 'About Firefox'. The browser will check for an update automatically and will download the update if available. You will then be prompted to 'Restart to update Firefox'...read more
A critical remote code execution (RCE) vulnerability has been patched in the latest release of Duplicator, a WordPress backup and migration plugin with millions of downloads. In their public disclosure of this flaw, Synacktiv detailed its scope and severity, and provided a viable proof of concept exploit for the security community. In this post we'll take a look at the basics of the vulnerability, what was patched, and what you can do if you think your site's at risk....read more
Yesterday, the popular WordPress plugin Ninja Forms released version 3.3.14, which disclosed and patched two security issues present in the plugin. Upon review of these issues we've determined their severity to be moderately low, however due to the plugin's wide userbase of more than a million active installs we've elected to provide a detailed exploration of exactly what these vulnerabilities are and what risks they do pose if left unpatched. As usual, we recommend updating vulnerable versions of the plugin as soon as possible, despite the relatively low risk....read more
As you're probably aware, Wordfence's Security Services Team (SST) provides world-class remediation services in the event that your site falls victim to malicious activity. Our analysts combine their considerable expertise with the best threat intelligence in the industry to deliver results we're consistently proud to stand behind. To be clear, the word "consistently" is used deliberately here, as the continued reliability of our services is crucial in maintaining the trust placed in us by our users....read more
This entry was posted in General Security, Learning on July 10, 2018 by Mikey Veenstra 7 Replies
In the context of cybersecurity, the adage "An ounce of prevention is worth a pound of cure" is a massive understatement. Make no mistake, the easiest way to handle a security incident is to prevent it from ever happening in the first place. We continually remind our readers about security best practices because the time spent implementing them is nominal compared to the time that would be spent responding in the aftermath of a successful attack....read more
The security community has been abuzz this week following the disclosure of a vulnerability present in all current versions of WordPress. The flaw, published in a detailed report by RIPS Technologies, allows any logged-in user with an Author role or higher to delete files on the server....read more
Last spring, after discussing the tools and tech used by our team, we published a list of 51 Tools for Security Analysts. The article was well-received, and the comments offered some great suggestions to top it all off....read more
Recently, Defiant's analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect....read more
