How hackers install and hide rogue plugins on your WordPress blog.
A while back, I explained how hackers created hidden admin users after hacking a WordPress blog. In this post, we will see how they upload and hide rogue plugins.
Tag: Tutorial
Anatomy of the EICAR Antivirus Test File.
Did you know the EICAR AV Test file was a program? In this post, we disassemble that 68-byte COM program and analyze its code.
Securing WordPress with a Web Application Firewall: NinjaFirewall (WP Edition).
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
How hackers create hidden admin users on your WordPress blog.
Very often, when we clean up a hacked WordPress website, we found hidden admin users created by the attackers. In this post, we will see how hackers manage to create and hide them.
The impact of an XSS vulnerability on WordPress: How hackers exploit XSS vulnerabilities to create admin accounts on your blog.
With a proof of concept and a video, we explain in this post how hackers exploit XSS vulnerabilities in order to create administrator accounts on your blog.