August 12, 2017 — No matter the size of the site, getting hacked is a painful process to deal with. As a developer, it is important to know what you can do to prevent possible attack vectors. In this talk, Jim will show what you can do to harden your code and ensure your project will be secure.

December 23, 2016 — If your website has been hacked, you need to act fast before damage is done. In this talk, Peter shows some techniques to clean hacked sites and further improving security against future attacks.

Presentation Slides »

November 18, 2016 — Esta ponencia tiene como objetivo aprender a fortíficar nuestras instalaciones WordPress, y hacernos conscientes de la cantidad de información que dejamos a la vista de cualquier usuario.

Utilizaremos distintas herramientas usadas por los ciberdelincuentes para recopilar esa información y realizar ataques sobre las vulnerabilidades encontradas.

Veremos algunas herramientas OSINT (Open Source INTelligence) existentes por la red, para recoger la información más escondida.

Realizaremos un ejemplo práctico de recogida de información con la herramienta WPScan y terminaremos con un ataque de fuerza bruta sobre una instalación real.

November 7, 2016 — In this topic we’ll discuss how WordPress is hacked and why it’s targeted Also, we’ll cover how a hacked site be prevented and how to recover if hacked.

Presentation Slides »

June 7, 2016 — It could be a defacement, your server is sending thousands of viagra emails, or more subtle things like your WooCommerce transactions being syphoned away. Hacked sites cost the economy millions of pounds a year. For hosting companies they are an almighty pain. For site owners they feel like a violations. This talk will guide you through how you can identify hacks, what steps can be taken to remove such hacks as well as how we can prevent them in the future.

May 13, 2016 — You always think it will never happen to you but when it does, it’s all hands on deck. My personal site was almost hacked and since then I actively looked at what I could improve. During this talk I will talk what I had before and show all the improvements I made since then. It will be a mixed of using using the existing tools and my own creation in managing my sites.

Presentation Slides »

April 21, 2016 — What does it mean when someone has abused your WordPress environment? How would you even know? We’ll explore the meaningful impacts as a website owner and attackers abusing your site, your brand, your audience and ultimately: your wallet.

I’ll touch on the following key items:

The types of attacks that can abuse a WordPress site (defacement, re-directs, phishing, etc.)
How a compromise can abuse your visitors and Google’s involvement in this process.
How does this affect you financially? I’ll convey stories on clients who lost massive income from the smallest of hacks.

Presentation Slides »

April 20, 2016 — In this session you’ll hear about how my passion for WordPress helped me create an online presence for our family project turned multinational charity program and landed me my dream job, allowing me to work to protect WordPress sites from hackers. It opened opportunities, allows me to work remotely for an American company, while still living in Europe (Cluj, Romania) and also providing enough time to manage the volunteers behind the ShoeBox Romania Project.

December 7, 2015 — You always think it will never happen to you but when it does, it’s all hands on deck. My personal site was almost hacked and since then I actively looked at what I could improve. During this talk I will talk what I had before and show all the improvements I made since then. It will be a mixed of using using the existing tools and my own creation in managing my sites.

Presentation Slides »

November 21, 2015 — En esta charla aprenderemos a proteger nuestra instalación de WordPress frente a intentos de hackeo desde el lado de WordPress haciendo nuestra instalación lo más segura posible. También aprenderemos a limpiar una instalación hackeada pero sin una afectación de la base de datos.