There’s a lot of noise out there.

You don’t have time to sift through it all, looking for the most important information that’ll help you do the thing.

The thing? The thing that matters. The thing that protects you and your sites.

We’ve dedicated Monday mornings to distilling that noise for you. We’ll pick-out the essentials and share them with you.

We’re calling it…

#1 – Critical Bricks Builder Vulnerability

Ultra-critical Remote Code Execution vulnerability discovered.

What do I need to do?
Immediately upgrade your Bricks Builder themes.

How will I know I’m okay?
Your theme version should now be at least v1.9.6.1

Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.

More Info →

#2 – Fake LastPass App on Apple App Store

What do I need to do?
If you recently downloaded the LastPass App from the Apple Store, check you have the real one.

How will I know I’m okay?
If you’re not sure, remove the app and reinstall it again. Check the developer name for the App is “LogMeIn, Inc.”

Editor Comment
Malware on your personal devices can compromise your WordPress sites through session theft/hijacking. Always be diligent, and use local device anti-virus protection.

More Info →

#3 – WordPress Security Team Impersonation Scams

The issue?
Emails are being sent to WP admins pretending to be from the official WordPress Security Team. Admins are then tricked into installing a malware plugin.

How will I know I’m okay?
If you receive any unsolicited emails from the WordPress team, you should mark it as SPAM. If you’ve already downloaded a dodgy plugin, delete it immediately and see the next ShieldNOTE.

Editor Comment
This is classic phishing, and it came up again recently. Always regard unsolicited emails with a high degree of skepticism.

More Info →

#4 – WordPress Malware Removal

The issue?
If you suspect your WordPress has malware, run a thorough scan and a full website audit, asap.

How will I know I’m okay?
After scanning your site and carefully reviewing results for suspicious code, you should be fine. Regular scans and audits are critical to staying clean.

Editor Comment
This is one of our recent blog articles, that we think is useful in providing an understanding into dealing with WordPress malware.

More Info →

I hope you found our 1st edition of ShieldNOTES to be helpful.

We’d love to hear what you think, and your suggestions on topics you’d like us to cover.

Have a wonderful week!

Paul Goodchild
Shield Security for WordPress