August 22, 2011

Video: Malware Hitching a Ride on WordPress

Patrik Runald

In this week’s Websense Security Labs Video, Chris Astacio discusses a mass injection attack that is compromising a wide swath of WordPress sites through a vulnerability in TimThumb.php, a common module used in many WordPress themes.
This widespread attack compromised tens of thousands of domains which led to a site hosting injected malicious code. After the video, you can read an analysis of the exploit in our blog post here. That post features a link to the patched version of TimThumb that users can download to remove this vulnerability. 


About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.