Cyber security news for all

More

    Ways to minimize risks through WordPress plugins

    WordPress is the most widely used content management system worldwide. Websites built with it are regularly attacked due to security gaps. However, vulnerabilities in plugins and themes are often gateways for hackers. Users have to update them manually. An official auto update plugin should now remedy the situation. The extension WordPress updates are currently still in phase and it is recommended not to use the plugin in productive environments yet.

    Do Automatic Plugin Updates Bring Risks?

    Not every plugin project has the power. Most of the free plugins in the WordPress plugin directory are only developed by one person or maybe a small team. That doesn’t mean that these plugins are bad. We know from the past, that it is mostly the plugins that open security gaps and thus your own WordPress instance becomes a target for hackers. It can therefore be assumed that the code quality suffers or is not tested enough. But it explains why we quickly click on the update button for well known plugins and rather not for others.

    Do Not Customize Plugins Yourself

    To save development time, official and unofficial plugins are often simply adapted by developers. If the version number or the name of the plugin is not changed, WordPress offers an update, although this may not be carried out because it would otherwise overwrite your own changes.

    Detect Bad Plugins

    How could you recognize a bad plugin? Since the layperson cannot check whether the code quality is good, a system would have to be created that can do this. Would something like that work? The answer is very clear: yes! A small WordPress team is already working on such a system. The vision is to carry out automated quality tests for all WordPress plugins and themes and to make these test results visible to both the authors and the end users of these plugins and themes.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox