Crazy April for the WordPress Platform


In case you haven’t been following, the month of April has been a bit of a whirlwind for website owners, specifically those using the WordPress platform. The good news is it’s motivated me to start writing again, not so much here but on our company blog. That being said, let me get you caught up…


WordCamp Miami 2013: WordPress Website Security

Tony Perez WordCamp Miami 2013

I’ll be in Miami this weekend, for WordCamp Miami 2013, giving a new, updated talk on Website Security. Come by and say hi if you’re around. If you’re not, no problem, I’ve included my slides below in this post for your reference. My talk is titled Staying of the Website Threats and Becoming One…


Security Implications of WordPress in The Enterprise


My Chileno brother from another mother, Chris Lema, put out a great guest post on WPEngine yesterday talking about WordPress and the Enterprise. He talks to the how and why of its emergence in the enterprise scene, but in the process makes a number of statements that very clearly explain the challenges we face as…


Spoofing an Admin’s Cookies Using Burp


Here is a quick little video I put together to show you how spoofing a user’s cookies works. This is not a real example; in most instances an application like Burp Suite would be used in conjunction with an XSS attack or some equivalent attack. The objective is to get someone with higher privileges to…
