Baba Yaga, a complex, new malware that eats other malware

 

The Defiant team (Wordfence) have discovered a new malware that, interestingly, removes other malware.

This is done, apparently, to keep the host server alive to allow it to continue to spew spam and other malicious activities.

Learn more about Baba Yaga at the Wordfence blog: https://www.wordfence.com/blog/2018/06/babayaga-wordpress-malware/

api.wordpress.org a potential single-source of failure

Wordfence has posted an important article revealing how WordPress’ automatic update system is vulnerable to compromise. It’s thick reading, but well worth understanding.

Automatic updates is by default “on” with all installations of WordPress.

Hacking 27% of the Web via WordPress Auto-Update

Moving to Endpoint Security for WordPress

Wordfence has been providing endpoint security for WordPress powered web sites since 2012. Here is a recent blog post on https://www.wordfence.com providing information about what endpoint security is.

You’ve probably seen the term ‘endpoint’ talked about in the press recently in the context of information security. Lets discuss what a network endpoint is, why securing endpoints can dramatically strengthen your overall security posture and why big vendors like Intel Security (formerly McAfee) and a number of startups are launching products that focus on endpoint security…

Full article at https://www.wordfence.com/blog/2015/11/moving-to-endpoint-security-for-wordpress/

Should You Disable XML-RPC on WordPress?

Wordfence has posted a well written blog post that describes the XML-RPC API and how disabling it will affect your WordPress hosted web site.

Recent improvements to WordPress and Wordfence’s blocking tools have lessened the need to disable the API.

Here is the blog post: https://www.wordfence.com/blog/2015/10/should-you-disable-xml-rpc-on-wordpress/

Wordfence is one of the most effective plugins to manage  security for WordPress powered web sites. Learn more about it here: https://www.wordfence.com/