Plug-ins is a way of vendors and third-parties extending the functionality of software – it work very well, the success of WordPress is partly based on plug-ins. Now the threat actor vendors are taking the same approach with their malware – with the plug-ins helping to obfuscate the malware to …
How secure is your WordPress website and blog? Do you even know if your organisation’s website is built on WordPress?
There has been a flurry of WordPress security and vulnerability articles over the past week or so. It is no surprise that the world’s most popular website builder is a target for threat actors, especially as Automatic’s core code can be added to with third-party, open-source or even self-written plugins, …
School WordPress plug-in is vulnerable to attack
If you use or responsible for a School Management system – check this does not impact you. The ICO takes a dim view of child privacy violations. Researchers find backdoor lurking in WordPress plugin used by schools | Ars Technica
Windows and Linux server both targets for crypto-mining malware
Microsoft is reporting on a new variant of the Sysrv botnet malware – Sysrv-K, that infects both Windows and Linux servers. This malware can compromise a wide range of vulnerabilities including WordPress plug-ins and Spring Cloud. Once in the malware installs and operates the Monero cryptocurrency miner. Monero-mining botnet targets …
Continue reading “Windows and Linux server both targets for crypto-mining malware”
