CloudFest is always an event to remember. With representatives from cPanel, Plesk, and WHMCS in attendance, WebPros was not only a sponsor of the event but also out in full force. With over 6,000 attendees, 250 speakers, and over 150 partners from 65 countries, CloudFest truly is the #1 even for the cloud industry. We gathered at Europa Park in Germany, with partners, enthusiasts, and the cloud community to network and share industry knowledge, best practices, …
This blog post explains what we saw, and how we protected our users from the scam sites hours before the compromised channels were taken down. All times in this post are GMT.
With much activity happening in the WordPress development space every day, keeping up-to-date with the latest updates can be challenging. The new WordPress Developer Blog is a developer-focused resource to help you stay on top of the latest software features, tutorials, and learning materials relevant to the open source project. This blog is the culmination […]
WordPress 6.2 Release Candidate 3 is now available for download and testing.
This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test RC3 on a test server and site.
On April 10th, we will begin the process of transitioning all cPanel customers and partners to our new and improved payment processing system. This upgrade will solve many issues that have existed within our legacy system and allow for a smoother billing experience moving forward. Our intention is to make this transition as smooth and behind-the-scenes as possible, however the potential does exist for certain customers and partners to take minor action relative to their …
The collapse of Silicon Valley Bank (SVB), once the go-to financial institution for early-stage technology businesses and startups, is being exploited by cybercriminals. In this blog post, we discuss some of the tactics and techniques Netcraft has already detected criminals using to exploit SVB’s collapse – either directly or indirectly – as a lure.
As the flurry of COVID-themed attacks proved, cybercriminals waste no time in exploiting the attention such stories generate. Criminals often exploit current news stories, or specific times of year (like tax reporting) to make their scam seem more relevant to victims. They’ll also use the fear of missing out, hoping to trick victims into responding quickly.
New SVB-themed websites abound – criminal and otherwise
Since news of SVB’s collapse was announced, Netcraft has detected and blocked several SVB-related attacks in our malicious site feeds:
One of the websites pretending to be a USDC Reward Program
WordPress 6.2 Release Candidate 2 is now available for download and testing.
This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test RC2 on a test server and site.
WordPress 6.2 Release Candidate 1 is now available for download and testing.
This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test RC 1 on a test server and site.
The inaugural stop on our WebPros NEXT tour took place March 1st, 2023, in beautiful Sãu Paulo, Brazil. WebPros NEXT events are half to full-day events where select members of the WebPros executive team can meet face to face with partners, customers, and industry leaders, designed to provide a unique opportunity for education, networking, and so much more. Our LATAM event was packed full of knowledge sharing, including workshops on MarketConnect and WHMCS, as well …
Watch this ‘live product demo’ recording with release squad members Anne McCarthy and Rich Tabor as they share exciting enhancements anticipated for the WordPress 6.2 release.
The pressure to update applications due to ever-faster successive updates tempts many a user to become careless and quickly click on an “Update” button. Often this works well, but sometimes unfortunately not. One wrong click – and the website is down or e-mails are lost forever. Therefore it is advisable to always have an up-to-date backup. But who thinks about regular backups? Fortunately, Plesk makes it easy, because every Plesk comes with a built-in backup manager that allows you to create backups manually or automatically on a daily, weekly, monthly and annual basis. Once set up, for example, weekly full…
February has been an exciting month for the WordPress community, with the celebration of the first-ever WordCamp Asia bringing friends and contributors back together in person. But that’s not all; read on for the latest project updates.
Join WordPress enthusiasts from across the globe on May 27, 2023, as they come together to celebrate its 20th anniversary! Regardless of how you use WordPress or where you call home, you are invited to celebrate this great milestone. Plan a larger party that includes your entire meetup, spend the day coworking with a group of friends, or hang out virtually online.
WordPress 6.2 Beta 1 is here and ready for download and testing. This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended that you test Beta 1 on a test server and site.
Welcome to the first 2023 edition of The Month in WordPress! January kicked off with an overview of WordPress’ big goals for 2023 and new projects beginning to take shape. Moreover, work on the next major release, WordPress 6.2, continues with Beta 1 scheduled for next week. Read on for the latest news. WordPress 6.2 […]
Last month at State of the Word, WordPress Executive Director Josepha Haden Chomphosy shared some opening thoughts on “Why WordPress” and the Four Freedoms of open source. In this recent letter, she expands on her vision for the WordPress open source project as it prepares for the third phase of Gutenberg: “We are now, as […]
Ready-to-go phishing kits make it quick and easy for novice criminals to deploy new phishing sites and receive stolen credentials.
Phishing kits are typically ZIP files containing web pages, PHP scripts and images that convincingly impersonate genuine websites. Coupled with simple configuration files that make it easy to choose where stolen credentials are sent, criminals can upload and install a phishing site with relatively little technical knowledge. In most cases, the credentials stolen by these phishing sites are automatically emailed directly to the criminals who deploy the kits.
However, the criminals who originally authored these kits often include extra code that surreptitiously emails a copy of the stolen credentials to them. This allows a kit’s author to receive huge amounts of stolen credentials while other criminals are effectively deploying the kit on their behalf. This undesirable functionality is often hidden by obfuscating the kit’s source code, or by cleverly disguising the nefarious code to look benign. Some kits even hide code inside image files, where it is very unlikely to be noticed by any of the criminals who deploy the kits.
Netcraft has analysed thousands of phishing kits in detail and identified the most common techniques phishing kit authors use to ensure that they also receive a copy of any stolen credentials via email.
The Motivation Behind Creating Deceptive Phishing Kits
When a phishing kit is deployed, the resultant phishing site will convincingly impersonate a financial institution or other target in order to coax victims into submitting passwords, credit card numbers, addresses, or other credentials. These details will occasionally be logged on the server, but more often than not, are emailed directly to the criminals who install these phishing kits.
Directory structure of an Amazon phishing kit contained in a ZIP file archive.
WordPress enthusiasts tuned in last week for the State of the Word address to celebrate the project’s yearly accomplishments and explore what 2023 holds. But that’s not the only exciting update from the past month. New proposals and ideas are already emerging with an eye on the year ahead—let’s dive into them! Highlights from State […]