Ike.ninja

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem. On October 3rd, the ACF team announced […]

Pending their legal claims and litigation against WordPress.org, WP Engine no longer has free access to WordPress.org’s resources.

Tricky errors like WordPress 500 Internal Server Error keep your site offline if they’re not fixed. Here’s how to solve this one.

The post Securing the WordPress Frontier with WP Guardian appeared first on Plesk.

Note: Due to an issue with the initial package, WordPress 6.5.1 was not released. 6.5.2 is the first minor release for WordPress 6.5. This security and maintenance release features 2 bug fixes on Core, 12 bug fixes for the Block Editor, and 1 security fix. Because this is a security release, it is recommended that […]

This security and maintenance release features 5 bug fixes on Core, 16 bug fixes for the Block Editor, and 2 security fixes. Because this is a security release, it is recommended that you update your sites immediately. Backports are also available for other major WordPress releases, 4.1 and later. You can download WordPress 6.4.3 from […]

The WordPress Security Team is aware of multiple ongoing phishing scams impersonating both the “WordPress team” and the “WordPress Security Team“ in an attempt to convince administrators to install a plugin on their website which contains malware. The WordPress Security Team will never email you requesting that you install a plugin or theme on your […]

Just a few days ago, Zero Day Initiative (ZDI) publicly disclosed not one, not two, but six Zero-Day vulnerabilities in the widely-used Exim mail server. These vulnerabilities have been lurking in the shadows since their discovery in June 2022, when precautionary steps were taken to release patches for Exim and libspf2. Now, the vulnerabilities are finally unraveled. And spoiler alert, you are totally safe! No Action Required by Default on Your End At cPanel, we …

The post cPanel Vulnerability Report: No Actions Required by Default first appeared on cPanel Blog.

WordPress 6.2.1 is now available! This minor release features 20 bug fixes in Core and 10 bug fixes for the block editor. You can review a summary of the maintenance updates in this release by reading the Release Candidate announcement. This release also features several security fixes. Because this is a security release, it is […]

The collapse of Silicon Valley Bank (SVB), once the go-to financial institution for early-stage technology businesses and startups, is being exploited by cybercriminals. In this blog post, we discuss some of the tactics and techniques Netcraft has already detected criminals using to exploit SVB’s collapse – either directly or indirectly – as a lure.

As the flurry of COVID-themed attacks proved, cybercriminals waste no time in exploiting the attention such stories generate. Criminals often exploit current news stories, or specific times of year (like tax reporting) to make their scam seem more relevant to victims. They’ll also use the fear of missing out, hoping to trick victims into responding quickly.

New SVB-themed websites abound – criminal and otherwise

Since news of SVB’s collapse was announced, Netcraft has detected and blocked several SVB-related attacks in our malicious site feeds:

Ready-to-go phishing kits make it quick and easy for novice criminals to deploy new phishing sites and receive stolen credentials.

Phishing kits are typically ZIP files containing web pages, PHP scripts and images that convincingly impersonate genuine websites. Coupled with simple configuration files that make it easy to choose where stolen credentials are sent, criminals can upload and install a phishing site with relatively little technical knowledge. In most cases, the credentials stolen by these phishing sites are automatically emailed directly to the criminals who deploy the kits.

However, the criminals who originally authored these kits often include extra code that surreptitiously emails a copy of the stolen credentials to them. This allows a kit’s author to receive huge amounts of stolen credentials while other criminals are effectively deploying the kit on their behalf. This undesirable functionality is often hidden by obfuscating the kit’s source code, or by cleverly disguising the nefarious code to look benign. Some kits even hide code inside image files, where it is very unlikely to be noticed by any of the criminals who deploy the kits.

Netcraft has analysed thousands of phishing kits in detail and identified the most common techniques phishing kit authors use to ensure that they also receive a copy of any stolen credentials via email.

The Motivation Behind Creating Deceptive Phishing Kits

When a phishing kit is deployed, the resultant phishing site will convincingly impersonate a financial institution or other target in order to coax victims into submitting passwords, credit card numbers, addresses, or other credentials. These details will occasionally be logged on the server, but more often than not, are emailed directly to the criminals who install these phishing kits.

As of December 1, 2022 the WordPress Security Team will no longer provide security updates for WordPress versions 3.7 through 4.0. These versions of WordPress were first released eight or more years ago so the vast majority of WordPress installations run a more recent version of WordPress. The chances this will affect your site, or […]

WordPress 5.9.2 is now available! This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.9.2 is a security and maintenance release. The next major release […]

Netcraft has seen a large increase in survey scams impersonating well-known banks as a lure. These are often run under the guise of a prize in celebration of the bank’s anniversary, though in some cases a reward is promised just for participating.

These scams first came to Netcraft’s attention around 16 months ago, when businesses that were particularly useful during lockdown such as supermarkets, mobile phone networks, and delivery companies were targeted. The expansion of these attacks to use banks as a lure started in October 2021. To date we have seen over 75 distinct banks used as lures for these survey scams, with a global spread including banks from US, UK, Asia, and the Middle East.

We’ve reached the end of 2021, and it seems like just yesterday we were talking about omni-channel marketing and the massive evolutions that eCommerce saw in 2020. But now it’s time to recap what we’ve learned on Season 2 of Next Level Ops, as well as look towards what’s in store for 2022. To help us do that, we have Brian Richards, founder of WPSessions and organizer of WooSesh, the only WooCommerce-focused event. Brian has developed eCommerce sites, has been teaching WordPress for nearly 10 years, and now focuses on running WordPress and WooCommerce events. As a result, he has…

The post Podcast | A Look Back at eCommerce in 2021, and What to Look For in 2022 appeared first on Plesk.

The Plesk WordPress Toolkit 5.8 is now available. This release comes with the biggest game charger feature of the year – the Site Vulnerability Scan. Let’s have a look at why we’re so excited about this feature going forward: Site Vulnerability Scan WordPress Toolkit can now regularly scans active plugins, themes, and WordPress versions to identify known vulnerabilities, using information provided by our friendly partners at Patchstack. Before we go further into the details of this feature, let’s quickly go through some numbers to understand how much of a game changer this really is: First of all, WordPress is used…

The post Plesk WordPress Toolkit 5.8 Release: Site Vulnerability Scan, Autodetection WordPress Login URL, and More appeared first on Plesk.