WE HAVE MANY SUPPORT OPTIONS

3Get our response in 2 hours or less.

You can also email us at info @ intelliplans .com // Need Remote Support? Windows or Mac

WE'RE AVAILABLE 24/7

Sales: 800.229.0674
24/7 Phone Support: 850.549.2282 | 480.624.2500
Customer Service | Contact Form | Email

Why you Must Secure your CMS

Part of what has made the internet more of a necessity than a luxury is how accessible it is for people. So accessible that just about anyone can have their own website, which is why there are over one billion existing websites right now-a number that grows as impressively by the second as it has by the year.

So, why are CMS platforms targeted by hackers?

First, because websites on these platforms are so prevalent. Second, because the open-source framework of these systems requires webmaster responsibility and attention to security precautions.

There’s a lot of monetary incentive for hackers to find and exploit vulnerabilities in these systems since these CMS platforms are so widely used by businesses and for e-commerce purposes. That, on top of already existing hacker culture, is incentive enough for digital perpetrators to regularly target open source CMS systems.

Continue reading
Rate this blog entry:
1143 Hits
0 Comments

WordPress Under Attack As Double Zero-Day Trouble Lands

WordPress Under Attack As Double Zero-Day Trouble Lands

The WordPress platform is yet again under attack, thanks to vulnerabilities across old and new versions of the content management system.

The most pressing issue is a fresh zero-day, a previously unknown and unpatched weakness, affecting the latest version of WordPress, 4.2, and prior iterations, as revealed by Finnish company Klikki Oy yesterday. It released a video and proof of concept code for an exploit of the flaw, which allows a hacker to store malicious JavaScript code on WordPress site comments. Under normal circumstances, this should be blocked as it could be abused to send visitors’ usernames and passwords to a hacker’s site – what’s known as a cross-site scripting attack. All that’s required is for a user’s browser to parse the code when they land on the affected site.

If a logged-in administrator visits the affected page, the hacker could acquire access to the server, Klikki Oy warned. “Alternatively the attacker could change the administrator’s password, create new administrator accounts, or do whatever else the currently logged-in administrator can do on the target system.” For website admins, the advice for now is to disable comments until a fix is released.

Ryan Dewhurst, security researcher and owner of the WordPress vulnerability database WPScan, told FORBES he’d tested the attack code and it worked. His own proof of concept hack can be found on Github. He noted the attack requires the hacker to have a previously approved comment on the target site so the comment containing the exploit does not need approving.

Continue reading
Rate this blog entry:
933 Hits
0 Comments

WordPress to Remain Most Attacked Platform, Researchers Say

WordPress to Remain Most Attacked Platform, Researchers Say

Cyber-criminals continue to focus on the popular open-source Web content management platform and its ecosystem of plugins, according to researchers.

Over the past two years, cyber-criminals have focused more heavily on attacking Websites based on the WordPress content management system and its ecosystem of software plugins.

The trend will continue in 2015, driven by the lack of security awareness among WordPress' large user base and the lack of security expertise among its plugin developers, according to experts.

In 2014, attacks against WordPress sites were more numerous than the attacks against all other platforms combined, stated a report published by security firm Imperva. This is not surprising, considering that nearly 24 percent of Websites use WordPress, according to Internet survey group W3Techs.

Brute-force password-guessing attacks and exploitation of vulnerable plugins are two common vectors of attack.

Continue reading
Rate this blog entry:
1129 Hits
0 Comments
TOP