WordPress 5.0. 1 was released Wednesday night, less than a week after the much anticipated release of WordPress 5.0. This security release fixes seven security vulnerabilities, a few of which are quite serious. Sites running versions in the 4.x branch of WordPress core are also impacted by some of the issues. WordPress 4.9.9 was released along with 5.0.1 to address …
Botnet of Infected WordPress Sites Attacking WordPress Sites
The following was released today in relation to attacks on WordPress sites. If you do not have any security on your website then now is the time to get it! All Websites that have a support and maintenance contract with me are already secure but if yours has no security, out of date plugins and software then you need to …
Replace Your SSL/TLS Certs by Symantec, Thawte, VeriSign, Equifax, GeoTrust and RapidSSL
This is a public service announcement and a reminder to site owners. Google’s Chrome browser has already started the process of ending support for Symantec SSL/TLS certificates. This includes companies owned by Symantec including Thawte, Verisign, Equifax, GeoTrust and RapidSSL. Chrome 66 is ending support for Symantec certificates issued before June 1, 2016 on the following schedule: The ‘Canary’ release …
Are you Ready for the New Google Changes to Security
Google began sending out notices to site owners this month, reminding those who haven’t yet migrated from HTTP to HTTPS that in October their sites will be marked “NOT SECURE.” The warnings are directed to owners of HTTP pages that contain forms, specifically sites that include text input fields like <input type=”text”> or <input type=”email”>. The messages reiterate the fact …
The WPSetup Attack: New Campaign Targets Fresh WordPress Installs
Attackers scan for the following URL: /wp-admin/setup-config.php This is the setup URL that new installations of WordPress use. If the attacker finds that URL and it contains a setup page, it indicates that someone has recently installed WordPress on their server but has not yet configured it. At this point, it is very easy for an attacker to take over …