AccessPress Themes Hit With Targeted Supply Chain Attack

Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The compromise appears to have taken place in September of last year and was only recently made public. Users who used software obtained directly from the AccessPress website unknowingly provided attackers with backdoor access, resulting in an unknown number of compromised websites. The software from the official WordPress repository so far appears to have been unaffected, although the proactive measure has been taken to remove them until a proactive code review can be conducted.

Continue reading AccessPress Themes Hit With Targeted Supply Chain Attack at Sucuri Blog.

What Should You do if Your WordPress Site was Hacked?

These days WordPress infections are very common. In 2021, internetlivestats.com counted over 81 million websites hacked. If you’re one of the millions, you need to take action to fix and protect your site. Of course, a hacked site will put any site owner into panic mode. This article will provide insight on what to do if your website is hacked and how to move forward. WordPress sites can be hacked due to a variety of reasons, which we cover in Why are WordPress sites targeted by hackers?

Continue reading What Should You do if Your WordPress Site was Hacked? at Sucuri Blog.

Understanding Website SQL Injections

SQL injection is one of the most common types of web hacking techniques used today. As data breaches continue to happen to some of the most high-profile corporations and brands, it’s become more important for web users to adapt to these increased breaches with changes in behavior like system generated passwords and 2FA. 

In this post, we’ll be discussing SQL Injections in further detail, and why, as a website owner, you should care about this kind of attack.

Continue reading Understanding Website SQL Injections at Sucuri Blog.

How to Stop & Prevent DDoS Attacks

With DDoS attacks being an ever growing threat to servers across the globe, it’s become a fundamental part of website security. This impacts businesses both in terms of site presence, availability and profits. Over the last 8 or so years the web has had to evolve to respond to the increase in these attacks. For example, ​​back in 2014 a couple of teenagers were able to take the entire xbox live network offline during Christmas.

Continue reading How to Stop & Prevent DDoS Attacks at Sucuri Blog.

The People Behind Us – Website Security Champions 2021

Kayleigh Martin is a tier 2 Website Security Analyst. Her daily responsibilities include investigating sites for malware, removing the malware, and advising clients on how to prevent future attacks. The most exciting part of her day is finding new malware that’s not been seen before.

She finds that if she focuses on doing her job well, everything else falls into place. “Speed comes after you master the skill.” When she’s not working, she enjoys building websites, going to the beach, and spending time with her daughter and husband. 

Continue reading The People Behind Us – Website Security Champions 2021 at Sucuri Blog.

Finding & Fixing Google Blocklist Warnings

When a website is added to a blocklist by blocklist authorities it can be painfully stressful for their business. SEO rankings take a dive, and loss in revenue/traffic is hit even harder if not resolved quickly. In this article we’ll be discussing what blocklists are exactly, why you should consider them when starting a website, and how to identify & rectify if you’re on any.

What is a Google blocklist?

Blocklists are essentially a database which uses pieces of information to determine if an IP or domain is sending malicious messages or hosting malicious content.

Continue reading Finding & Fixing Google Blocklist Warnings at Sucuri Blog.

Pin It on Pinterest