FBI Issues Warning For WordPress Website Administrators of ISIS threat:

Patch and update now.

TUESDAY APRIL 7, 2015 – Today the FBI, in cooperation with the IC3, issued warnings for WordPress Website Administrators of potential vulnerabilities in relation to the increase in cybercrime activity around the conflict in the Middle East involving ISIS and ISIL. The attacks are originating from hackers posing as individuals from within the ISIL organization while using relatively unsophisticated methods to exploit technical vulnerabilities.

How to Take Action and Further Protect Your WordPress Website

  • Always run the very latest versions of your themes
  • Be conservative in your selection of plugins and themes
  • Delete the admin user and remove unused plugins, themes and users
  • Make sure every user has their own strong password
  • Enable two factor authentication for all your users
  • Force both logins and admin access to use HTTPS
  • Generate complex secret keys for your wp-config.php file
  • Consider hosting with a dedicated WordPress hosting company
  • Put a Web Application Firewall in front of your website

The FBI Also Suggests the Following Measures:

Read The Full Public Service Announcement Here:
http://www.ic3.gov/media/2015/150407-1.aspx