There is an on going and highly distributed, global attack on wordpress installations to crack open admin accounts and inject various malicious scripts.
To give you a little history, we recently heard from a major law enforcement agency about a massive attack on US financial institutions originating from our servers.
We did a detailed analysis of the attack pattern and found out that most of the attack was originating from CMSs (mostly wordpress). Further analysis revealed that the admin accounts had been compromised (in one form or the other) and malicious scripts were uploaded into the directories. Read More »
In October 2016 at the CA/Browser Forum in Redmond, Washington, Google software engineer Ryan Sleevi announced Google’s move to make Certificate Transparency mandatory for Chrome web browsing. Read More »
WordPress is hugely popular today but hasn’t always had a clean track record when it comes to security. The widely reported instances of breaches in WordPress websites have made people think twice about opting for it for their business. In all fairness though, users of WordPress have either been using outdated WordPress software, have poor system administration or just lack necessary tech and security knowledge. Read More »