One Ransomware Victim Every 10 Seconds in 2020

A new organization became a victim of ransomware every 10 seconds in 2020 with remote workers experiencing a sharp uptick in threats, according to Check Point.

The security vendor’s 2021 Security Report is compiled from its ThreatCloud intelligence sensor data, its own research and recent surveys of IT professionals.

The report claimed that consumers and organizations face 100,000 malicious websites and 10,000 malicious files every day, with double extortion ransomware in particular on the rise. In Q3 2020, nearly half of all ransomware incidents involved theft of data from the targeted organization.

“Once a single victim is infected, the attackers leverage that person’s old email conversations for malware distribution, forwarding the last email of the thread and adding malicious files as attachments,” the report explained.

Full article: https://www.infosecurity-magazine.com/news/one-ransomware-victim-every-10/

Multiple Vulnerabilities In Ninja Forms WordPress Plugin Could Allow Site Takeovers Attribution

Some serious security vulnerabilities existed in the Ninja Forms WordPress plugin that risked over a million sites. Exploiting these vulnerabilities could allow an attacker to takeover target websites and redirect incoming traffic to malicious links.

Of course, any sites under management by ProtectYourWP.com have already been updated with the latest fixes.

Full article: https://latesthackingnews.com/2021/02/22/multiple-vulnerabilities-in-ninja-forms-wordpress-plugin-could-allow-site-takeovers/

WordFence offers free security audits to K-12 public schools using WordPress

Know a K-12 public school using WordPress?

Wordfence is offering free site security audits and site cleaning for public and government-funded schools, now available worldwide. (The original announcement said U.S. only, but apparently they’ve extended it.) Check out their announcement, and please share this offer with a state-funded school, anywhere in the world, that could benefit from their services.

Whitehouse.gov uses WordPress

The big buzz in the WordPress community this month is that the new administration is using WordPress to serve Whitehouse.gov.

And while you and I probably don’t have anywhere near the manpower behind our sites that the Federal Government can muster to keep one of the most visible – and probably one of the most attacked – websites on the internet safe from all manner of security threats, it’s reassuring to know that they trust it enough for something this important.

So rest assured that YOU have made a good choice in using WordPress.

Is WordPress perfect? Definitely not – no computer program is. Does it hit that sweet spot of balance between ease of use, flexibility, security, and cost? I’d say yes.