security

InfiniteWP Banner Header

If you use the InfiniteWP Client plugin, log into your sites and check for updates. According to Sucuri, versions under 1.3.8 are susceptible to a privilege escalation attack as well as a potential Object Injection Vulnerability. InfiniteWP Client is used to communicate to the Infinite WP service to manage WordPress (more…)

TimThumb Ends Development

The once popular image resizing script known as TimThumb is no longer supported according to co-creator, Ben Gillbanks. In 2011, TimThumb made headlines when a major security vulnerability was discovered and used to hack into several websites. The exploit that was found was a bug with the external image resize (more…)

Clear Text Password

The CEO of iThemes, Cory Miller, published a second update concerning the security breach that occurred on Tuesday. After news of the breach, customers were left wondering whether or not their passwords were stored in clear-text. The latest update confirms that passwords were in fact stored in clear-text and affected (more…)

iThemes Suffers Security Breach, Customers Urged To Reset Passwords

iThemes published details on a security breach that took place earlier today. According to the announcement, after noticing suspicious activity, they noticed a signification attack on their membership database. iThemes urges all customers to reset their passwords immediately. To protect accounts from any unauthorized access, iThemes has temporarily reset all (more…)

iThemes Security Brute Force Login Protection Featured Image

iThemes announced Brute Force Login Protection has been added to the latest version of iThemes Security. The new feature enables users to protect their sites either locally or by activating a network wide setting. Local brute force protection looks only at attempts to access your site and bans users per (more…)