April 18, 2020 — Die große Verbreitung von WordPress macht es zu einem interessanten Ziel für Angreifer. Dieser Talk zeigt das beliebteste CMS aus Sicht eines Angreifers: Welche Sicherheitsmechanismen bringt WordPress mit? Wo sind generelle Schwachstellen? Wie laufen typische Angriffe ab? Darüber hinaus werden konkrete Angriffe exemplarisch erläutert.
Die vorgestellten Schwachstellen bieten Entwicklern und Betreibern einer WordPress-Installation die Basis für folgende Absicherungsmaßnahmen.
April 2, 2020 — You wouldn’t believe how far malicious actors will go to take over websites for profit. Kathy believes it; she’s seen it all as she’s helped hundreds of WordPress site owners recover after getting hacked. As WordPress now powers more than one-third of the web, it’s a big target and attracting the attention of more hackers. Learning to think like a hacker in the security realm is a big part of keeping your assets safe, plus there are additional benefits. In this session, we will hear stories of how defeating hackers can help you make better security decisions. The hacker mindset is much more than protecting your site and information; thinking like a hacker can also help you break through perceived limitations, overcome obstacles, and capitalize on opportunities to innovate.
December 27, 2019 — Hackerským útokom sa v dnešnej elektronickej dobe nedá vyhnúť. Jediná možnosť ako sa im ubrániť, alebo ich dôsledky zmierniť je systém včasnej detekcie v spolupráci so systémami na ich odrazenie. Na prednáške predstavím podrobnú analýzu útokov na systémy WordPress počas mesiaca september 2019 v našom hostingu. V závere prednášky rozoberiem spôsoby obrany pomocou ‚security‘ pluginov, čo znamená skratka WAF a aké má systém WAF výhody oproti pluginom.
October 21, 2019 — “What could I have done to avoid being hacked?” is a question you’ll often hear after a site is hacked. In some cases the answer is complicated, but a lot of the time it’s relatively simple and there are many checklists and guides online outlining the ways sites can be hacked, plus how to secure them. However, a lot of people learn better from seeing and doing than reading (often boring) checklists. So rather than look at checklists on slides for 30 minutes, we’re going to hack into WordPress instead!
October 17, 2019 — This session will explore why WordPress sites get hacked, how you know you have been hacked, what are the implications of a hack, and what are some of your options to fix your hacked site. It will also look at both simple and more complex solutions to reduce your risk to your WordPress website so you never face a similar night of horror.
May 10, 2019 — Why would a hacker hack YOUR website? For fun, for glory? Not anymore! Hacking websites is now a monetized criminal enterprise. They don’t care about your website, they care about your website computing resources. Come see what the hacker actually sees. Witness real accounts of your website password being guessed 1000’s of times per minute. See how that guy across from you at Starbucks is watching your web traffic as it floats through the Wi-Fi. See what happens when one of your employees gets tricked into opening that phishing email.
An understanding of what the bad guys know (and how easy it is for them to operate) will motivate you to take a proactive approach to security prior to a hack – instead of spending tens of thousands to get your data back after the fact. In other words, come get scared straight, you’ll appreciate it later!