If you run a WordPress website, you need to get serious about keeping it as secure as possible. WordPress continues to be a widespread target for hackers. Last November, more than a million GoDaddy-managed WordPress customers were part of a breach that could have exposed their email addresses, private SSL keys, and admin passwords. The attacker was apparently able to operate undetected inside the company’s networks for two months.
In February, Ukrainian university WordPress websites were attacked as the Russian invasion began. Another attack on a WordPress server redirected traffic to malicious websites where visitors would receive malware. Going back in time, a botnet used compromised WordPress servers to attack others in 2018 and another series of attacks in 2019.
More Stories
Gift Card Fraud
It’s becoming an organized crime tactic: Card draining is when criminals remove gift cards from a store display, open them...
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has...
Salt Typhoon’s Reach Continues to Grow
The US government has identified a ninth telecom that was successfully hacked by Salt Typhoon. Read More
Majority of UK SMEs Lack Cybersecurity Policy
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic...
Happy 15th Anniversary, KrebsOnSecurity!
Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today! Maybe it’s indelicate to celebrate the birthday of a cybercrime blog...
CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation Read More