A while back, I explained how hackers created hidden admin users after hacking a WordPress blog. In this post, we will see how they upload and hide rogue plugins.
Did you know the EICAR AV Test file was a program? In this post, we disassemble that 68-byte COM program and analyze its code.
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
Very often, when we clean up a hacked WordPress website, we found hidden admin users created by the attackers. In this post, we will see how hackers manage to create and hide them.
With a proof of concept and a video, we explain in this post how hackers exploit XSS vulnerabilities in order to create administrator accounts on your blog.