Collaborate Disseminate
I am considering using Wordpress, WooCommerce, third party payment processor and different plugins for an ecommerce store.
I have trouble figuring out if it is possible to do all that and to be PCI DSS compliant and SAQ A el… Continue reading PCI DSS SAQ A compliance with WooCommerce and 3rd party payment gateways – possible?
So, Satoshi Nakamoto, creator of Bitcoin has announced that he will supposedly be revealing his real identity. I find the fact that Satoshi’s company website is hosted on Wordpress to be endlessly amusing for some reason. I m… Continue reading Satoshi Nakamoto Renaissance Holdings’ website is WordPress? Is it safe? [on hold]
Hi I have a WebApp where security is important. E.g.
www.somewebapp.com
The app has a wordpress blog (hence not secure since wordpress). e.g.
www.somewebapp.com/blog
To protect the webapp from the insecure blog, the b… Continue reading Reverse proxy isolation from insecure blog, are sessions vulnerable?
SiteLock this week extended the reach of its tool for finding and removing malware from databases to include the open source MySQL database. Previously, the SMART Database only supported websites built using the WordPress framework. Now the company’s … Continue reading SiteLock Extends Database Security Reach to MySQL
A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts. Continue reading Cryptolocking WordPress Plugin Locks Up Blog Posts
An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages. Continue reading WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign
This question already has an answer here:
How to protect WordPress from brute-force attacks?
3 answers
Today our site is … Continue reading How to defend against brute force attack on wp-login.php? [duplicate]
Anyone have experience and advice to locate the source and stop an ftp hack on my client’s Wordpress site hosted on BlueHost? The hackers were able to do the following:
Create multiple ftp accounts with usernames like ss-ee… Continue reading Bluehost WordPress Site hacked multiple times FTP MMprobe php file
Another day I commented on wordpress blog and I could subscribe me for get new comments and answers from author and other users. Well, I receive, on my personal email, a message from wordpress to a Subscription Managementpage… Continue reading What about privacy data on Subscribe WordPress and How to unsubscribe?
WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android’s Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more! News Bugs, Breaches, and Mo… Continue reading Application News – Application Security Weekly #68