VB Migration

Tag: wordpress

  • Patch early, patch often, but don’t blindly trust every ‘patch’

    Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of the ‘FakeUpdates’ campaign, where thousands of websites with an out-of-date content management system have been compromised to spread malware. Rather than exploiting vulnerabilities in browsers or browser plug-ins, as…

  • Patch early, patch often, but don’t blindly trust every ‘patch’

    Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of the ‘FakeUpdates’ campaign, where thousands of websites with an out-of-date content management system have been compromised to spread malware. Rather than exploiting vulnerabilities in browsers or browser plug-ins, as…

  • WordPress users urged to manually update to fix bug that prevents automatic updating

    WordPress has long had a bad reputation in the security community. While this is understandable – compromised installations of the popular content management system are regularly used to spread malware and spam – it is also a little unfair, as the security of WordPress has improved a lot over the years. Indeed, exploitable vulnerabilities in the…

  • WordPress users urged to manually update to fix bug that prevents automatic updating

    WordPress has long had a bad reputation in the security community. While this is understandable – compromised installations of the popular content management system are regularly used to spread malware and spam – it is also a little unfair, as the security of WordPress has improved a lot over the years. Indeed, exploitable vulnerabilities in the…

  • WordPress pingback used for DDoS attacks

    Millions of sites could potentially be used in attack. Security firm Incapsula reports that it has discovered a DDoS attack on a gaming website using thousands of legitimate WordPress blogs without the need for them to be compromised. Today’s most common method for DDoS attacks uses DNS amplification (also known as ‘DNS reflection’): a DNS…

  • Inconvenient content

    Hackers include spammish content into Al Gore’s website. Hackers have managed to break into a website set up to promote Al Gore’s film An Inconvenient Truth and include links to drug-selling sites, PCWorld reports. The hackers’ aim was to boost the search engine rankings of the websites linked to by creating links to a very…