Exploring Session Cookie Duration and Security Risks in WordPress

On the podcast today we have Thomas J. Raef. Thomas is the founder of We Watch Your Website, a company that has been removing malware from websites since 2007. During that time he’s seen many changes in the methods hackers use to take over a website, and that’s the focus of the podcast today. With hackers becoming increasingly agile in their tactics, targeting everything from plugins to session cookies, Thomas brings to the table data he’s gathered from 2023 that puts the spotlight on the evolving digital threat landscape. We’re all used to hearing that plugins, themes, and sometimes WordPress Core, are the most likely culprits when something goes wrong. The story goes that out of date code, or a zero day is discovered and leveraged. Whilst Thomas does not doubt that this is true, he’s here to paint a somewhat different picture. A picture which puts the focus upon stolen session cookies as the most important factor in website attacks last year. If you've ever been concerned about the security of your WordPress site or intrigued by the intricacies of cybersecurity, this episode is for you.