Hackers tried to steal database logins from 1.3M WordPress sites

[ad_1]

Hackers tried to steal database logins from 1.3M WordPress sites

A large scale attack targeted hundreds of thousands of WordPress websites over the course of 24 hours, attempting to harvest database credentials by stealing config files after abusing known XSS vulnerabilities in WordPress plugins and themes.

“Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files,” Wordfence QA engineer and threat analyst Ram Gall said.

“The peak of this attack campaign occurred on May 30, 2020. At this point, attacks from this…

[ad_2]
More Info

What You Should Know About WordPress

[ad_1]

pixelcreatures / Pixabay

A website is a must-have asset for all businesses and I have recently received a lot of questions about WordPress and it’s benefits. It is my #1 recommendation for a website platform and I am not alone. In fact, according to information compiled by W3techs, WordPress is the most used CMS with a 61.8% market share. So why is WordPress so popular and what are some basics YOU need to know?

Before we get started, let’s address the difference between WordPress.com and WordPress.org.

The key difference is who’s actually hosting your website. With WordPress.org, you…

[ad_2]
More Info

WordPress Security Updates (Complete Guide)

[ad_1]

Wondering how to implement security updates on your WordPress website safely?

Security updates are extremely important. Delay in implementing updates can cause your website to be hacked. But a lot of times updates can cause compatibility issues that can break your website.

It’s a catch-22 situation.

Luckily, there is a way to update your site without breaking it. All you need to do is use a staging site to test the updates and then implement them on the live site.

In this article, we’ll walk you through every step in the process of how to update your website safely.

TL;DR

To update your…

[ad_2]
More Info

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials – Threatpost

[ad_1]

wordpress plugin

An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.

Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting (XSS) vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials.

The attacks were aiming to download wp-config.php, a file critical to all WordPress installations. The file is located in the root of WordPress…

[ad_2]
More Info

Large-scale attack tries to steal configuration files from WordPress sites

[ad_1]

WordPress

Image: ZDNet, WordPress

Hackers have launched a massive campaign against WordPress websites over the past weekend, attacking old vulnerabilities in unpatched plugins to download configuration files from WordPress sites.

The goal of the attack was to use old exploits to download or export wp-config.php files from unpatched websites, extract database credentials, and then use the…

[ad_2]
More Info

Stop Website Spam With These 4 WordPress Plugins

[ad_1]

Today I have some WordPress security plugins to help you improve the performance and safety of your website.

Installing the latest security plugins on your WordPress website will help protect you from brute force attacks and spam. With so many outside sources trying to break in now is a good time to get started. Is your website vulnerable to unwelcome logins and malware? Use these reliable and free WordPress plugins, and let me know how these work for you!

1) Cloud spam protection – CleanTalk

Stop hackers from coming into your website with this reliable security plugin. CleanTalk does not…

[ad_2]
More Info

Best WordPress Hosts on the Internet

[ad_1]

If
you are starting out developing websites, then you’ll have many Content
Management Systems (CMS) as options. If your website is text heavy and more of
a blog or a magazine then chances are that you will settle on WordPress as the
CMS of your choice. WordPress is a powerful CMS which has fantastic
functionalities for almost any kind of user. Being such a popular CMS, there
are many themes and templates out there, both free and paid, which can be
customised to suit your preferences.

WordPress also has a huge bank of plugins that can help you set up anything from a mailing…

[ad_2]
More Info

WordPress security: Critical flaw fixed in bbPress forum plugin

[ad_1]


Adam Bannister

02 June 2020 at 15:25 UTC

Updated: 02 June 2020 at 16:04 UTC

More than 300,000 sites at risk from exploit that could grant attackers full control of forums

Multi coloured speech bubbles

Developers behind bbPress, a popular WordPress forum plugin, have patched a critical security vulnerability that could lead to unauthenticated privilege escalation.

Attackers who exploit the logic bug could grant themselves authorization to delete forum activities, import or export forum users, and create new forum moderators,…

[ad_2]
More Info

What will be the best way to build the cross-platform app of an e-commerce WordPress site?

[ad_1]

WordPress websites has the highest number of websites over the internet. With the increasing popularity of cross platform app, it is necessary to have a reliable mobile app for business.

 Building mobile app from scratch might seem costlier and time taking for a while. However, being a worth step, it is not bad to take hard steps for an app. Just looking it from different angle, what if you can turn your wordpress website into full-fledged cross platform app. There are few ways, which can help you building the cross platform app from scratch.

image

Here we will take a deeper look at the…

[ad_2]
More Info

Seynd Launches Free Web Push Notification Plugin on WordPress

[ad_1]

Seynd Web push notification Plugin now available on WordPress

Seynd Web push notification Plugin now available on WordPress

WordPress Users guaranteed 100% message delivery using Push Notifications.

New York, New York–May 12, 2020–Seynd web push notification services have launched a free web push notifications plug-in for WordPress Users. Users can start directly communicating with website subscribers using web push notifications.

“Web Push Notifications were created to help solve the problem of emails becoming increasingly less effective. These alert-style messages are sent from your website to your opt-in prospects &…

[ad_2]
More Info