Listing of articles – click the headline to read:

Password Re-use – Why you Need a Website Password Manager

Re-used password wraning

I use the same password on all my accounts – I can’t remember different passwords for each one A recent survey done by SecureAuth Corp and Wakefield Research found that 81% of the people interviewed used the same password on more than one account. That number rose to 92% among Millennials, 36% of whom also… Read more

Vulnerability in Old Versions of Duplicator Plugin Enabling Hacks of WordPress

WordPress Duplicator Plugin

A heads up from our friends at Sucuri: A vulnerability in old versions of the WordPress Duplicator plugin by Snap Creek is enabling hackers to either remove or re-write the wp-config.php file, which breaks the affected sites. This affects Duplicator versions lower than 1.2.42, and which have these specific characteristics:The installer.php file must have been… Read more

How do Websites Get Hacked – Software Vulnerabilities

Screnshot of hacked website

In the first article in this series I gave some background information on the scale of cyber-crime and looked at the different ways hackers can steal your usernames and passwords. Theft and misuse of usernames and passwords is one of three principle ways websites get hacked. The other two are: Software vulnerabilitiesThird party software integration… Read more

9 Security Flaws in Firefox – Make Sure You Update

Firefx Logo

Just heard from the guys at WordFence that Mozilla released an advisory explaining that nine security flaws had been discovered in Firefox 61. A new version had been released, and as long as you have automatic updates enabled Firefox will update itself. If you don’t have automatic updates enabled then you will need to do… Read more

Phishing Attack on WordPress Websites

The guys over at Sucuri have warned that a phishing attack is currently being run on WordPress websites. It appears that WordPress users are receiving an email that looks like an official email from WordPress, telling the recipients that their website database is out of date and needs to be updated. Here’s a version: There… Read more

How do Websites get Hacked – Username and Password Theft

Screenshot of a hacked website

Three types of WordPress hacks I’ve said elsewhere on this site that cyber-crime is probably the only real growth industry around today. The scale of it is daunting. So this and the next 2 articles will look at how websites get hacked and, in particular, the three broad types of hack that affect WordPress websites… Read more