Everything about the Bricks Vulnerability and Hack. The Why, the How, and How to Prevent It

 Published On Mar 1, 2024

★ Subscribe to my weekly Within WordPress newsletter: https://remk.us/subscribe ★

The popular Bricks page builder for WordPress saw a severe vulnerability in early February of 2024. This vulnerability wreaked havoc in WordPress land as many sites got hacked.

This is an interview with Calvin Alkan (@snicco_io), the WordPress security researcher who found the hack and disclosed the solution with the Bricks team.

You can read more about the vulnerability here:
https://snicco.io/vulnerability-discl...

Calvin explains all the details that go into a security issue like this, as well as offering mitigation options.

If you have any questions, please leave them in the comments as Calvin and I will be monitoring and answering those.

(This was originally intended as a YouTube Live Stream, but the streaming gods were not with us, unfortunately).

00:00 Introduction and Overview of the Video
00:02 Discussing the Bricks Vulnerability
01:59 Understanding the Technicalities of the Vulnerability
02:36 Exploring the Implications of the Vulnerability
03:11 Unpacking the Unauthenticated Part of the Vulnerability
04:13 Explaining Remote Code Execution
06:36 Discussing the Disclosure and Fix of the Vulnerability
06:58 Understanding the Process of Finding Vulnerabilities
12:13 Exploring the Reality of Website Hacking
17:31 Discussing the Limitations of Security Measures
18:54 Understanding the Importance of Disaster Recovery Strategies
22:35 Understanding the Vulnerability and Its Impact
23:09 The Importance of Virtual Patching and Auto-Update
23:42 The Role of Security Researchers and Hackers
23:49 The Importance of Proper Backup and Disaster Recovery
24:39 The Risks of Shared Hosting and Server Design
25:44 The Dangers of Using Eval in WordPress Development
26:24 The Importance of Proper Authorization and Code Signature
29:14 The Role of Developers in Security Implementation
30:41 The Importance of Server-Level Backups
30:43 The Risks of Relying on Backup Plugins
32:02 The Importance of Disaster Recovery Planning
37:04 The Importance of Timely Vulnerability Disclosure
39:35 Understanding the Hacker's Perspective
42:02 The Role of Researchers in Vulnerability Disclosure
43:26 Conclusion: The Importance of Security Awareness and Preparedness
