The Rise of Backdoored WordPress Plugins

It all started a few months ago when I was visiting Lester Chan’s website looking for some information about one of his plugins. Lester Chan has written a good number of very popular WordPress plugins that are used by millions of people. Some of the most popular ones are WP-PageNavi, WP-DBManager, WP-PostRatings, WP-Polls and WP-PostViews. While […]

Read More →

How to Avoid Being Hacked

Failing to protect your website and its contents can result in your site being hacked and exposed to vicious malware and trojans. Many web-based businesses have failed because of a lack of website security and there have been many cases of people having their personal information stolen as a result. Additionally, Google may blacklist your website […]

Read More →

Going Beyond Confirmed Web Security Flaws

As I wrote in my previous post about low-hanging fruit and the 2011 Verizon Data Breach Report, I’m a strong believer in finding out where your Web systems are bleeding and focusing on those issues first. It’s the basic principle of triage – finding, and fixing, the urgent issues on the important systems. The thing […]

Read More →