SoakSoak WordPress Malware

On Sunday, Dec. 14 2014, a new WordPress threat called SoakSoak infected over 100,000 sites. That number will have risen sharply over the last 2 days. If your blog is infected, and that infection has been detected by Google and other security companies, your site will be blacklisted. That means it won’t appear in the…

Read the rest of this article…

WordPress Update Announcement

WordPress has just released version 3.9.2, fixing a serious bug which allows someone to easily overload any site running WordPress version v3.5 to v3.9.1. I recommend that you upgrade any WordPress installation to the latest version every time you are prompted to do so on your dashboard. Since the introduction of WP 3.7, sites will…

Read the rest of this article…

BlogDefender Logo

BlogDefender was originally launched in 2012 to meet the need for training on how to protect WordPress blogs from unwanted attacks from hackers. For 2014, the product has been revamped, taking account of how WordPress has changed over the last 2 years and how hackers methodologies have changed in that time as well. WordPress users,…

Read the rest of this article…

Did you know that 30,000 WordPress sites are hacked each day? With the WordPress Brute Force Attack that’s been going on this month and the generally insecure nature of WordPress itself, it pays to harden your blog against probes and attacks by hackers. WordPress doesn’t have any inbuilt security (a major oversight) and those new…

Read the rest of this article…

How often do you see messages like this in your Inbox: [Blog Name] User failed to login [] User failed to login Unless you have a WordPress security plugin installed, probably never. That’s because WordPress doesn’t let you know when someone is probing for a way into your site. And without these notices, you have…

Read the rest of this article…

Back in April (2013), a MAJOR distributed Brute Force Login attack was perpetrated on every server where WordPress was installed. This was an on-going and highly-distributed, global attack across virtually every web host in existence that went on for weeks. The attack was well organized and over 90,000 IP addresses were involved in it. Statistics…

Read the rest of this article…

Most people who use WordPress don’t know a thing about securing their sites from hackers. Many webmasters will also use simple and easy-to-guess usernames like “admin” or ridiculously easy-to-guess passwords like “password” or “123456“. Naivete more so than complacency is responsible here. And it’s only after your blog gets hacked that you recognize how important…

Read the rest of this article…

If you read my post yesterday (April 14, 2013), you’ll be aware that there’s been a concerted effort to attack WordPress sites all across the world in the last several days. So, what’s known so far, based on the collected and analyzed data is that a very large majority of the attacks are coming from…

Read the rest of this article…

I wanted to bring this to your attention today (April 14th, 2013). A MAJOR distributed Brute Force Login attack is being perpetrated on every server where WordPress is installed. This is an on-going and highly-distributed, global attack across virtually every web host in existence. The attack is well organized and over 90,000 IP addresses are…

Read the rest of this article…