25 Nov

2014

The CryptoPHP Infection – A Story About Getting Paid Themes and Plugins for Free

php2
A few of our email servers went wild sending spam this weekend. After quickly fixing the spam issue, we started the longer process of identifying the cause for the spam. It turned out to be the CryptoPHP infection (check out the official whitepaper), activated through a few WordPress themes and plugins.
Read More…

 

31 Oct

2014

WP eCommerce Plugin Vulnerability Fixed

bash

Yesterday Sucuri reported a new vulnerability in WP eCommerce – a popular WordPress plugin for online stores. The vulnerability allows attackers to obtain private information from websites. All versions of the WP eCommerce extension before 3.8.14.4 are vulnerable and attackers may export all user accounts, addresses and other information related to people, who used your site and the plugin to purchase any products from your site.
Read More…

 

15 Oct

2014

Time to Say Goodbye to SSL Version 3.0

ssl-farewell

It is no secret that securing your client’s data is an ongoing process and not something that you can simply install on a server/platform. That is why security solutions and protocols evolve all the time and developers frequently release new versions. The two cryptographic protocols that provide communication security over the Internet are TLS and SSL. The latest version of Secure Sockets Layer (SSL version 3.0) is the predecessor of TLS and is nearly 15 years old. So it was only a matter of time for someone to find the next big issue related to the SSL protocol. Yesterday Bodo Möller from the Google Security Team wrote a blog post about a new vulnerability in the design of SSL version 3.0. The vulnerability allows attackers to calculate the plain text of secure connections.
Read More…

 

25 Sep

2014

Major Bash Vulnerability Fixed on All Servers

bash

A major security flaw was discovered in the most popular shell (Bash) which is used by default in many Linux and Unix distributions. A shell is a program that takes your commands (accessing folders, listing files, etc.) that you type and sends them to the operating system to be executed. The Bash vulnerability, also known as Shellshock, allows attackers to issue arbitrary commands via crafted environment variables.
Read More…

 

17 Sep

2014

Updated: WordCamp Europe Coming to Sofia!

wceu
At SiteGround we definitely love WordCamps. We have been involved as sponsors and speakers in many of them lately. However, the upcoming WordCamp Europe is extra special for us. The reason? It will happen in our home city – Sofia! So apart from being just a sponsor, we get the chance to become much more involved this time: we have a ninja volunteer (Tina) in the main organization team of the event; we will welcome the contribution day in our office and we will be able to share our favorite places and pastimes with all the friends, clients and partners coming to town. Below is the list of events that we organize and anyone attending WordCamp Europe can join:
Read More…

 
Page 1 of 212