Websites experience 22 attacks per day on average— that’s over 8,000 attacks per year, according to SiteLock data. A website vulnerability is a weakness or misconfiguration in a website or web application code that allows an attacker to gain some level of control of the site, and possibly the hosting server. Most vulnerabilities are exploited through automated means, such as vulnerability scanners and botnets. Cybercriminals create specialized tools that scour the internet for certain platforms, like WordPress or Joomla, looking for common and publicized vulnerabilities. Once found, these vulnerabilities are then exploited to steal data, distribute malicious content, or inject defacement and spam content into the vulnerable site.
Tag: SQL Injection (SQLi)
We live in a world where technology rules. From our phones to our cars, we are constantly connected to something, somewhere, at all times. In most cases, the convenience of technology enhances the quality of our lives. But as consumers, there are technology risks and threats we need to be aware (and beware) of. We don’t mean to spook you, but let’s talk about the scary side of the cyber world.
Cybersecurity continues to be an evolving challenge for website designers and developers. Everyday, hackers create new malware strains and perform sophisticated attacks that can devastate client websites.
SiteLock is promoting Cybersecurity Awareness Month and as a web designer or developer, it is imperative that you understand your role in the security of your clients’ websites. Many people assume that you are handling every aspect of the site, including its protection. Because of this, you must take action and understand how to provide that security.
Cybercriminals are unpredictable. They’ll surprise you by sneaking into your website, executing attacks and harming your data and business. You can think of it like a baseball game in which the hacker is trying to make it to the next base without getting called out. Secure all your bases by learning a little about how hackers attack your website.
This past Wednesday, Yoast, makers of one of the most popular WordPress plugins, WordPress SEO by Yoast, disclosed a blind SQL injection vulnerability against authenticated users given a successful cross site request forgery (CSRF) attack.
What is blind SQL injection and CSRF, how can the WordPress SEO vulnerability affect your site, and what should you do about it?