I have posted a new podcast today, in which we address some key news topics, articles, and some of the associated risks around WordPress and information security for businesses.
Like all weeks, there has been a lot going on in the WordPress security arena, and some key statistics have come out around WordPress that may surprise you!
In this podcast, we are going to be covering the following:
- [NEWS] Dutch Developers built backdoors into thousands of sites
- [NEWS] Western Union Pays $586 Million to settle Fraud Charges – Holy Bankroll Batman!
- [NEWS] Tor is going even DARKER! Yea baby! Privacy is good!
- [NEWS] Ransomware attack hits the St Louis Public Library… how do you encrypt a book?
- [NEWS] Big money hackers (Billions) using Google Services to Control Banking Malware
- [WordPress] How to evaluate WordPress Audit Trail Plugins
Other associated links and resources:
- [WordPress] XML-RPC Affecting WordPress Security
- [NEWS] Brian Krebs Uncovers Mirai Botnet Author
- [WordPress] August 2016 WordPress Core, Plugins & Themes Vulnerabilities Roundup
- [WordPress] 20 Tools to turn your WP site into making money
- [WordPress] Sucuri puts out the WordPress Optimization Guide, not totally security related but… nice job
- [NEWS] IT Scary Man holds a business hostage and starts to play with extortion!
I hope you enjoyed the podcast and that it provides you value in securing your business and WordPress site!
Listen on iTunes, don’t forget to subscribe to the show!
Lastly, check out our sponsor: Sucuri.net
I know you will enjoy this episode.
Thank you for listening!
“WordPress Security Daily”
BONUS – Don’t forget you can use the content in the podcast/training for Continuing Professional Education (CPE) credit!
Can’t listen right now – Read the transcript below.
Sean Gerber: This is WordPress Security Daily with Sean Gerber, episode 34, recorded Tuesday, January 24th, 2017, WordPress and security business newscast. Let’s get going. Alright, it’s time for WordPress Security Daily. I hope you’ve all been doing wonderful this past week. Life is good here in Kansas, you know. Hey, it’s always good in Kansas, right? We can’t complain at all. We’ve had some beautiful weather. It has been a balmy 45 degrees in the middle of January, and at the end of January, it’s usually like flipping super cold at this time of the year. So we’re extremely happy about that. We got a lot of good stuff going on this week in WordPress and in just basically information security basics and basic news as well. So it’s amazing how much it’s actually changing and the world is just changing so bloody fast. I know I said this before on the podcast but it is. It’s incredible. So we’ll get through a lot of these different things that we have on WordPress Security Daily and it’s always good to have you here. I look forward to getting going but before we get going, let’s take a quick break for a word from our sponsors.
So this week, this is sponsored by Sucuri, Sucuri.net. Have you ever had your site hacked and felt the sinking feeling in your stomach and then thought to yourself, “Oh, no, now what –.” Believe me. I’ve had that happen to me and it’s like, “Oh, this is not good.” Right? Well, you’re totally confused about security and how to best protect your site, ensuring your brand and potentially your livelihood. Sucuri can help you out. They offer a wide range of products and services. They can clean hacked, defaced websites, providing you actual protection capabilities that you need for your site. Here are just a few of the services they offer: website malware removal and cleanup, website application firewalls, distributed denial of service mitigation and so much more. Check them out at Sucuri.net. That’s Sucuri.net.
Alright, let’s get on to our podcast. So if you’re a developer, you’re probably thinking about this next topic and going, “What?” Well, it’s true, Dutch Developers built back doors into thousands of websites. So if you’re a business owner seeing this, you’re probably going, “I’ve got a bunch of developers potentially on stuff.” “What are they doing?” This happens with any employees that you may have within your company. You have to trust but as — are older, the giper[?] would say on Ronald Reagan, “You got to trust but verify.” In this case, it’s no different in dealing with developers than it is with any other employee: you’ve got to trust but verify. Well, in this case, the Dutch police are warning that — and this was about a week ago when this happened — that the email accounts of 20,000 users were hacked after a malicious web developer left back doors in sites that he built. So, what they found is that this gentleman went out there and he would build the websites for people and then, he would end up going back in later, and he built back doors so he could get access to their site, then he would steal their information or logon information usually to their emails or to even social media as well and then, post as them online, and so, he would do this to try to basically talk to your friends and family and say, “Yow, I’m out of cash.” “Would you please send some to me?” And sure enough, families would do this. He has been doing this for quite some time and over the period of time that he’s been doing it, he has accumulated quite a bit of cash. What they found out is that it started in 2014; the police operation was basically like a sting that gradually expanded in scope based on the extent of the crimes that they were looking after.
By stealing the social media accounts, he was able to get people to transfer money to him. I mean, it’s just amazing. So now, they’re warning people, though, that if you’ve got accounts, you check them and you change your email and passwords and basically you let people know what’s going on. Now, you hope that whoever had contracted him has gone in and maybe found another developer to help them in this situation, but this is not good. So you know, the article that was out there made a comment that you need to make sure you hire people that are trustworthy web developers to basically take care of you, and that’s true. You do, but the challenge is going to be, how do you know? You can do background checks. You can do those kinds of things but I’m a big believer in that the insider — you have your company can happen at any time, and your developer, your best developer you’ve got could turn around and be the next Dutch guy that ends up stealing all your stuff. So you need to understand who your employees are. You need to trust them but you also need to verify and then you need to put in place some way to monitor what they’re doing, whether it’s an audit, whether it’s just some sort of logging and monitoring of when they logged in, especially if you’re dealing with resources that aren’t basically contracted outside of your company. We do see this routinely with the third party contractors that will come in and maybe do development work from a contractual standpoint.
How do you know they’re doing the right thing? So you have a couple of different options. You know, you can build an infrastructure in place to basically protect yourself from it or you can audit them and give them some level of control. One thing also to think about is, as you are maybe, say, a WordPress developer and you’re just getting started as a WordPress owner, right? You want to start up your own WordPress site and you maybe have a developer help you. You need to consider some different ways that you can share those credentials with that developer because there are times when you need to let them get into your site so that they can make some changes and modifications, but you need to ask yourself, “Okay, if you’re going to do that, what are you going to do once this person is done and how do you know that he didn’t put something in your site?” So, go back and check out one[?] of my other podcasts I’ve got about that, and realistically, when it comes down to it, you go out and you may have to give them an administrative account. Don’t give them the main one that you have and then delete the account as soon as they’re done with their business, but then, also watch for any other accounts that may have been created because of this person, look for any plugins that were created and installed because of this person. So you got to decide how you want to handle that, but developers, they’re the ones that are going to really be the way into your environment. So you got to be careful with who you pick, who you select and how you bring them on board.
Okay. This next news article is talking about how Western Union pays $586 million to settle fraud charges. I kind of come back to this of the old Batman themes, kind of dates me I guess, but holy bankroll, Batman. It comes down, too, from SecurityWeek. Western Union had put out this article. It talked about how they are getting squawked by the FTC, which is the Federal Trade Commission, for basically allowing fraudsters and cyber criminals to continue using wire transfer through Western Union. The interesting part about all of this is that — I mean, it still blows me away but $500 million, $586 million to be exact, but a half a billion dollars to settle this situation with the Federal Trade Commission and the U.S. Justice Department. So what they’re saying is — and we’ve all seen this — if you’ve been in the security space for any period of time, that the fraudsters will use some version of Western Union to transfer funds, and so, they’ve been doing this and they’ve allowed it, with the interesting — another interesting piece of this, not the one but another one, is the fact that they’ve had people that are involved, with over 29 owners that have been convicted and employees of Western Union agents for their role in these fraud schemes.
I don’t know much about Western Union, how they do their business model, but I assume if it’s got 29 owners, it’s probably very similar to the franchise concept. So there’s 20 different owners that specifically have been indicted and have basically been going to jail since 2001. That’s huge. They’re saying that over a half a million complaints regarding fraudulent transfers were involving advance fees of $632 million, totals of what they feel has happened. So these are from advance fee concepts to online dating, to lottery, but a lot of different scams and you know, this is the one that I loved the best and we just kind of talked about it, right? The family emergency scam, which happened in the — they talked about in the previous article. So the point of that is that they think that over 632 million people had been conned out of cash and they don’t think that that’s all of it. They just think that’s only the people who had reported it, that have made a complaint. So, could you think about it? $600 million from this, and that’s only the tip of the iceberg. It’s huge, big money, like I’ve always said, there’s a lot — there’s a big — the cash is good if you’re a bad guy but on the downside it’s not so good. It’s just amazing. It blows my mind that that happened.
So the interesting part in all of that, another interesting part, like lots of interesting parts, but a point on this is that the FTC, which is really becoming kind of the muscle behind some of the regulations, and it’ll be interesting to see how the new administration, how that continues or changes, but the FTC went after Western Union and did this. So what will be interesting — the part that’ll be kind of interesting to me to see is what happens to Western Union? Will they stay the way they’re doing it? I mean, after losing $586 million — I mean, I assume they are a multi gazillion dollar company, right? That sends a lot of money to and fro… and they make money off of every time they do a transfer, but if they’re getting just fined that much money, the part that kind of confounds me is, will Western Union stay in business? So I don’t know. It’ll be interesting. I’d like to see how that plays out. They also mentioned another one with MoneyGram. It’s one of Western Union’s main competitors. They were targeted by the FTC and they paid immediately easily $18,002,009 to settle some charge that they had. So it’s ripe for corruption unfortunately, and I think they’re requiring now — the FTC and the U.S. Justice Department are requiring them to put some level of fraud protection in there to stop some of these rampant things that are occurring. It will be — I don’t know, but I look forward to seeing how this all plays out. This also kind of falls into suit with — we talked about it a couple of weeks ago, the FTC suing D-Link over the failure to secure their devices and how they basically put these comments out there. They’re saying that, “Yeah, this has got industry encryption and this has got all this capability,” that it may or may not have as much.
The world is changing dramatically in the space. So we’ll see what the FTC does in the future. We’ve been seeing the FTC moving more and more in this space to start putting charges against people, and now that they’ve got some teeth behind it, it was always a concern that with HIPAA and Sarbanes-Oxley and these other aspects that there were some penalty arms, but now that the Federal Trade Commission is taking over much of that, again, like that — a well-worn-out thing I say is, well, it’d be interesting to see how that plays out.
Okay, so this next one is something about Tor, and Tor is going even darker. Yeah, baby. It’s going dark. Privacy is good. So what we’re going to talk about on Tor is basically the Dark Web or Darknet, they call that. The purpose of it is so that you can surf the internet anonymously. Now, it was done for reasons of online privacy and a lot of it was set up specifically for areas where you can surf the web without having to worry about maybe prying eyes from a government, and the Tor, The Onion Router, is kind of called the onion because it’s got many layers and it’s got — it’s more or less hidden and it’s — the part of that where it came into play especially within China is that you could move through there and no one really knows who you are; you just bounce from node to node. Now, an individual can set up a node within the Tor network. So you can go, have a computer. You set it up. You stand it up and now, somebody can use your node on the global web and they can bounce from your node to somebody else’s node to somebody else’s node. They all do this anonymously. The goal is that when you come out of an exit node, when you pop out, then that’s when you’re out on the internet.
Well, the founder, co-founder Nick Mathewson basically was — saw what happened recently when the FBI had contacted Carnegie Mellon to basically go in and be a man in the middle and start using — because the Darknet, a lot of it started with the research institutes and that’s where they kind of — it all began. So, they asked — they told people within Carnegie Mellon, “You will basically be the man in the middle and you will then help us map all the data that’s going through the Dark Web.” This ended up happening where there were a bunch of people that were basically just caught using the Dark Web, and so, this happened; Mathewson said he didn’t care much about that, and so, he wanted to make some changes to that. Now, the point is that the Darknet sites today are basically the — everybody, they’re widely known, that there are different nodes within the Dark Web and much of it has been mapped at some point in time, right? By law enforcement. As the example is like you know, like — he made a point in there. You could — any whistleblower can go to visit WikiLeaks for instance, by pasting in this crazy long dot onion in your Tor browser. You got to have a Tor browser and then, what’ll end up happening is that you’ll be able to get to WikiLeaks, but they also talk about the Silk Road, if you heard about that in the news, where on the Silk Road, if you are a drug customer or dealer, you can go on the Silk Road and get the drugs of your choice, and that’s been offline from the FBI but that is where a lot of this nefarious stuff also occurs. Because it is anonymous it… nefarious things tend to go where people want to hide, right?
Well, so good things happen on there but also some things that are not so good. Well, what happened was Nick, not trying to be focused on being the bad side of it but because he didn’t like governments monitoring where they go and what they do, he wanted to take Tor to the next level and basically wanted to make it even more hidden, to the point where he says you can’t find it. So it’ll be interesting how this plays out, right? To my previous comment, it’d be interesting. It’s always interesting to see how things play out, but the interesting part about all this is that he’s saying that you can — it can be hidden to the point where you will never find it. You can’t find it at all and it’s using different ways to hide that through encryption. The only way that you can get access to these new sites that he’s setting up is that you have to be invited. If you don’t — They’re hidden. You don’t know. If you don’t know they exist, you can’t get to them unless, you know, you’re invited to there, okay? He basically, Mathewson, he talked about this. I kind of chuckle because it’d be interesting to see how true this is, but he hosts his own password-protected family wiki and calendar on a Tor hidden service, and he says, now, he’ll be able to do away with the site’s password protection without fear of anyone learning his family’s weekend plans.
Now, the interesting part is going to be — I guess, it’ll work, right? Because if you’re not invited, you can’t get access to it. So only, he would invite the right people. The question is if somebody hacks, though, his buddy’s computer and his buddy has been accepted as a group, can they get their surf tissue[?] through his buddy, and I would say probably, right? But the whole point of it is that it’s going to force law enforcement to go on different avenues to be able to get this. So the jury is still out. It’d be interesting to see where he goes with this and how it plays out, but according to him, it’s going to be better for people that want to surf anonymously through the Tor network. The sad part is that unfortunately the bad guys use this Tor network for you know, kiddy porn, your drugs and so forth and — but doesn’t potentially hamper the law enforcement or FBI and it may very well do that. So what’ll be interesting to see is how law enforcement gets around it. Most of us will never know what that is because unless you’re on the opposite and the law enforcement getting busted that yeah, if you play in that space and you might get just burned a bit but — So again, the Darknet and the Tor is going darker with encrypting it so that the fact that you can’t — you’ll never know where that node is at, so interesting.
Alright, the next one, we’re going to talk about Ransomware, my favorite discussion topic, that it hit the St. Louis Public Library. My question is how do you encrypt the book? I mean, other than rip the pages out, then burn them and then send the ashes to yourself, that would work but then how do you recreate it? Doesn’t work so well that way. WeLiveSecurity.com brought up this part with the St. Louis Public Library was just squawked with Ransomware, and the attack squawked the library server, basically about 700 PCs were infected and locked up. So, that’s not good, right? You don’t want your library to get squawked with this. They basically came out and said, “Well, hey, we’ll unlock it for you for only $35,000 in Bitcoin.” I mean, okay. So, I also struggle with whoever the attacker was, I mean, seriously. You attack a library. I mean, 35 grand. They can even get good book sometimes and I mean, $35,000 in Bitcoin, I mean, seriously? So, good thing was that all of the — or the store of the books, the book registry, that Dewey Decimal book registry thing, whatever that’s called. So you could tell my third grade education is kicking in, right, you know. That thing, that you get your books from, was not part of this network and didn’t get encrypted, which is very good, right? But the 700 PCs were dead, which prevented kids from going to Nickelodeon and watching Nickelodeon, but that being said, a lot of times, what I’ve heard is with the Ransomware attacks especially are hitting some of these low-threat areas like maybe a school or a public library. They’re not necessarily trying to go after these places, expecting to get money. Maybe they will, right?
That’s just the bonus, but I’ve seen it and I’ve heard through some of the other news articles I’ve read that many of these things that are hitting these public education systems, or just basically public-works-type things, are testing out new versions of Ransomware, which I think from a bad guy’s perspective, not a bad idea. What better place to check it out where, you know, people are going to go click on your links more than anywhere else than these public places, and why not try them and see what happens? So, that’s what’s pretty much happened with some of these.
Now, money is the benefit. If they get paid, awesome, more power to them as they may think, but realistically this is just bad stuff. Ransomware is just bad. No question about it. They even — one of the things that they’re saying in 2017 is that the Ransomware stuff is going to start hitting more hospitals and medical centers and you’re seeing that as well, but I’ve always said that the biggest — if you’re a guy going after data, one of the best places to get this is from lawyers and the lawyers will have all kinds of data and they just really need to watch out for this, and I know many of them do but in some cases, sometimes lawyers think, “Ah, you know what? It won’t happen to me.” “It’ll happen to somebody else.” Well, be careful what you say because it may very well come back to get you, but again, they got it all worked out with the St. Louis Public Library, and the young little schools of mash [?] were able to go in there and be able to see their Nickelodeon at the public library, which is good, right? So, thankfully, it’s all taken care of and no issues, but for the group, what do we do when we are attacked by Ransomware? What do you do? Make sure you have a backup, have a backup, always have a backup, yup, have a backup, unless you get really gauche, stealthy Ransomware that infects your backup and that would really be bad. That would be super, super bad. So, I heard about that too, which is not good, but on a different note, moving on.
Alright, so, one more quick word from our sponsor before we continue to the rest of the podcast. So as you know, WordPress Security Daily is all about security, and with over 10,000 WordPress sites being hacked each and every day, it is imperative that you get the security help you need. Sucuri at Sucuri.net is just a company that helps you with your security needs; whether you’re a one person startup or you’re a humongous large multinational, they can help you with everything you need to stay secure. They actually have a WordPress optimization guide that I just saw not too long ago, that is good stuff. I mean, and I do like the way they keep putting cool stuff out like that, is constantly putting it up into the market, which is really, really good. Maybe if you’re a developer or a person responsible for your WordPress website, if you thought that, well, what you’re going to do? Have you been concerned or overwhelmed with managing security? I get concerned with it, right? Sometimes I get overwhelmed as well. Have you ever been hacked or had no idea who to turn to to clean your site and who to trust to make sure it’s done right? Don’t go after Dutch Developers. No, I didn’t mean that for all of you Dutch people out there, just these bad guys, right? You guys are all real good. Do you have multiple platforms, responsible for Joomla, WordPress, Drupal, all of those? Okay? Sucuri can help you do that. They’re 24/7, 365, locations are global. They got your back, right? Just like [?], they got your back. So they got website malware removal, continuous scans for malware and hack attempts, blacklist monitoring, web application firewalls, you name it. I love the PCI part. They also will help you with that. I mentioned this before, and they’ve been responsible for a while with some us and they are awesome. I mean, you’re talking these guys. They know their stuff. They will definitely take care of you. No question about it. Tony and Dray, they’re great people.
They started up Sucuri and they’ve been doing it for a while. They are really, really good. They offer three options, website security stack, which is your basic, pro and business, and each option has different levels associated for what you need for your WordPress site. So check them out, Sucuri.net. That’s Sucuri at Sucuri.net.
Alright, let’s get back to our podcast. Okay, so this is something kind of near and dear to my heart. This is another news topic and we’ve got a WordPress topic here in just a little bit, but this one here is about Google services, and the reason I said — coming to this with different news articles and although our site is called WordPress Security Daily, all this stuff is tied together whether people like it or not; if you’re putting on a WordPress site, all these things can affect you whether you’re doing WordPress or whether you’re doing Sitecore or something else, they all can help you. They all can be affecting you. Well, this one here, this news is big money hackers are using Google services to control banking malware. So, Carbanak, one of the most successful cyber security gangs ever known, is basically just after — in their case, they’ve brought in over a billion dollars across a hundred different banks — is back and they’re back in charge, right? So what they’ve been found doing is abusing Google services to continue their command and control. Now, if you’re not familiar with what command and control communications is, it is that, just say you are a bad guy, and this is one of the things you struggle with when you’re dealing with a developer and you think that these hacker guys will — can be able to just go mash a button like in the movies and go, “Hey, it just works.” Right?
Well, the thing you got to think of is when you are controlling a bot or a piece of malware, it is like talking to the Mars rover. What you have to do is you have to send the command, it does a thing. It sends back and responds. You send the command, it does a thing. So, it’s not as simple as say, I’m going to say delete all my files, right?… and it deletes them. Now, you can get yourself to that point where it’s that simple and it’s just basically your screen is what you see and what’s going on in their network, but when you first get started at a minimum, it is. You’re talking to Mars. You just will be talking to Mars. It’s that hard to make this work. So, what they use is they use Google services to issue this command and control communications. So that’s how they used it to basically spread their net, right? Their large touch of everything because what they did, they sent phishing messages using a rich text format attachment, and they discovered that what they could do is that they would — have you click on — it’s basically an embedded object within it. So it contained a VB script, Visual Basic script, which has been previously associated with this Carbanak malware. They use victims basically by tricking them to click on an envelope image to unlock the contents. Now, we’ve all seen that, right? But the point was they click on an image. So they put an image in there. Make it look like it’s an actual envelope. They click on it. It runs VB script. So, okay? So what ends up happening then is the dialog box opens, asking the victim if they want to run a file in unprotected mode. So if the victim runs the file, this VB script, right? It gets executed. So, to understand how this works, when a guy’s doing a phishing attack and you attack somebody with an email, that spike per se, that’s right? That will fit, find something. It’s going to go click on it and you runs, the moment that you click on a link that’s come to you in an email, comes to you.
You click on a link or execute a code or whatever it might be from behind the firewall, your firewall then assumes that hey, when it reaches out to the internet, it’s going, hey, I’m trusting this connection, and so, therefore, it opens up a connection. By you clicking on, in this case, the envelope, it runs the script. It then opens up a connection to the internet, and this connection becomes a command and control channel on how it runs, and once it does that, it uses Google service, in this case, Google services to communicate out, and it uses legitimate ways of communication.
So, from a defensive standpoint, many times, they use a firewall in place or you may even have some level of protection with your IPSs, your IDSs and so forth that are looking for malicious traffic that is leaving your environment. Well, this thing is — and typically, your total web traffic will go over port 80, and 443 for encrypted communications. Well, it lets out other channels and that’s the known channel for internet browsing. Now, if you have a normal channel that’s expected like Google services, it will allow that thing to communicate over Google services, and so, therefore, it’s expected that traffic will go out of this protocol, this channel per se, this port. Well, what these guys did was, because this is accepted within an organization, Google services, they’re able to then send data out through this and also out through — use the command and control of Google services to communicate back and forth, and in the past, things like DNS were used to just send command and control updates to it, and then the bad guys have been really good. They just kind of — they migrate. They moved around depending upon what they’re trying to do. So, the point of this is that these guys are not idiots, they’re very smart people, and because they’re financially motivated, they’re going to find ways around it. So as the defenders, if you are a defender or if you’re a business owner, you better understand what exactly is your data, and this comes back to this, financially motivated. These guys have stolen $1 billion from 100 different banks across the globe. This is not chump change, and we made this comment before on WordPress Security Daily.
These guys are the common — or not the common, they are the new Mafia. They’re the new mob. There’s so much money in this, and the overhead is so low in comparison to the amount of money they can make. It’s phenomenal. So if I was a bad guy, why wouldn’t you do it, right? If you’re going to steal money, steal money from people that’s electronically and especially if the banks are basically taking up the slack in some cases, why not, right? Now, I’m not saying not to do that, okay? I’m not telling you to do that. I’m telling you that that’s what their thought process is, right? So, the simple fact of the matter is that they use different ways to communicate to and from that device, and in this case, Google services was one of them.
Okay, so, there’s a plugin out there, and this is from wpwhitesecurity.com. It’s basically how to evaluate a WordPress Audit Trail plugin. Now, because I’m a big fan of audit and it comes back to trust but verify, the thing with WordPress is, okay, how do you really know what you’re getting at? So, there are security tools, Sucuri has got one, Wordfence has got one, BulletProof Security has got one as well. So there’re different kinds of plugins that you can use within your WordPress CMS, Contact Management System, and what you can do is that you can get some of those logs. Well, now, in this case, WP White Security is talking about the WordPress Audit Trail plugin, that they’ve got — There’s a couple of them called WordPress Security Audit Log, Simple History and Audit Trail, okay? So there’re several other ones that are out there but they kind of go with the article about this plugin. Then, one thing I want to think about with plugins is that the Audit Trail isn’t necessarily to catch somebody. I mean, it is, right? You want to be able to have it alert and say, “Hey, the bad guy’s at my front door, knocking on the front door.” “He’s bad.” “Don’t let him in.” That’s what you want. So everybody wants to do when it comes to dealing with the bad guys, trying to get into their website. You want to know before they even try it again. The thing with an audit is that it’s usually after the fact, right? Making sure things are done right, these Audit Trail plugins, this will help you with that, and it mainly comes in the fact that if you’re in an industry that requires some level of oversight, you want to have an audit log that you can go back to and kind of find out what has occurred, and are you doing the right things to protect your site?
So WordPress Security Audit, they have a pretty comprehensive Audit Trail that you can use and you’re able to keep detailed records of it. They will know what URL you went to, what was posted. It basically gives you all kinds of different ports that you can use. Now, it also will go into different kinds of changes that may occur: title, dates, status, categories. So you can find out if your title changed, if your status changed, anything that comes down with the actual plugin itself. So there’s lots of different things you can set up to basically trail or you can watch. I highly recommend this. If you do have any sort of regulatory aspect of it, it’s good to have, and if you don’t, having an Audit Trail of what changed, when it changed, where it changed will make the situation much easier in the event that you are hacked to find out how did they actually get in, what did they actually do. Now, in this article, they also talk about how the WordPress Audit Trail plugin will also be able to track not just the security pieces but when it comes down to dealing with performance of your employees or whoever’s using that actual — your WordPress site. So you can keep track of changes to the plugins themselves. It can look at login attempts. It can look at what media you put in place. It can check — look and track changes on bbPress potentially. There’s — any changes with SCO [?]. So it can do a lot of different things from a monitoring standpoint.
So bottom line is that when you’ve done your — you’ve got your WordPress site installed, you need to install some level of audit tracking, and they talked in this post about basically using WordPress Audit Trail to keep an eye on what’s actually happening on your WordPress site.
Alright. So that’s what we got for WordPress Security Daily this week, lots of stuff that went on. There’s actually in the show notes some of the links that you can check out, dealing with the XML-RPC and how you could disable that, Brian Krebs Uncovers the Mirai Botnet Author and who’s in charge with that, which is interesting, and also the 20 tools that can turn your WordPress site into money making. Again, these are some different ones that’ve interested me. There’s also out there with WP White Security has got their WordPress core, plugins and themes vulnerability roundup for the month of August and then, the WordPress optimization guide that came from Sucuri. There’s also links out there as well.
Alright, as we close this week’s show of WordPress Security Daily’s podcast, I want to express my appreciation once again for Sucuri at Sucuri.net. They’re the real deal. If you need a security service that can deftly help you out, I wouldn’t recommend them if I didn’t feel that way. I know they can meet or exceed your expectations. No question about it. Check them out at Sucuri.net. Alright, stop by WordPress Security Daily has a free content. Rank us on iTunes with good. We would love that. Have a wonderful blessed day and have an awesome rest of the week. See you.