Did you just try to access your site and encounter a Deceptive Site Ahead warning? This error message occurs when the browser believes your website is unsafe and experiencing security issues — and it can seriously affect your traffic and reputation.
When this warning appears on your site, you’ll want to address it as soon as possible to ensure that your site (and visitors) are protected from phishing and other social engineering attacks.
Continue reading How to Fix the “Deceptive Site Ahead” Warning at Sucuri Blog.
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing — including tech support scams, adult dating, phishing, or drive-by-downloads.
Since late December, our team has been tracking a new spike in WordPress website infections related to the following malicious domain: track[.]violetlovelines[.]com
PublicWWW results show over 4,500 websites impacted by this malware at the time of writing, while urlscan.io shows evidence of the campaign operating since December 26th, 2022.
Continue reading Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network at Sucuri Blog.
Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out of date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels.
We recently came across a database injection that has two different pieces of malware accomplishing two unrelated goals. The first injection redirects users to a spammy sports website and the second injection boosts authority of a spammy casino website within search engines.
Continue reading Vulnerable WordPress Sites Compromised with Different Database Infections at Sucuri Blog.
According to W3Techs, 43.2% of all websites on the internet use WordPress. And of all websites that use a CMS (Content Management System) more than half (64%) leverage WordPress to power their blog or website. Unfortunately, since WordPress has such a large market share it has also become a prime target for attackers.
You might be wondering whether WordPress is safe to use. And the short answer is yes — WordPress core is safe to use, but only if you maintain it to the latest version and employ some additional protections on the admin login page.
Continue reading Is WordPress Secure? at Sucuri Blog.
Critical errors on any system can be extremely frustrating. But if you’ve recently encountered the “There has been a critical error on your website” message on your WordPress site, don’t fret!
In many cases, critical errors are the result of conflicts in plugins, theme files, or PHP related issues. This is one of the most common errors WordPress administrators can encounter and there are a number of ways you can resolve it.
Continue reading How to Fix “There Has Been a Critical Error on Your Website” in WordPress at Sucuri Blog.