Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

BabaYaga: The WordPress Malware That Eats Other Malware

This entry was posted in Research, WordPress Security on June 6, 2018 by Mikey Veenstra   15 Replies

Recently, Defiant's analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect....read more

New Feature: Premium Development Subdomains

This entry was posted in Wordfence on June 5, 2018 by Kathy Zant   26 Replies

For our premium customers using staging, development, or test subdomains for managing their site’s updates and development, we are happy to announce the ability to utilize premium licenses across subdomains for a premium installation of Wordfence....read more

Wordfence Is GDPR Compliant

This entry was posted in Wordfence on May 22, 2018 by Mark Maunder   65 Replies

Today the team at Defiant completed the required steps to make our organization and services GDPR compliant....read more

Hijacked WordPress.com Accounts Being Used To Infect Sites

This entry was posted in Research, WordPress Security on May 22, 2018 by Brad Haas   25 Replies

Update on May 23 at 11:50AM: A representative from WordPress.com reached out to us with the following statement:...read more

How the Wordfence Scanner Protects Your Site

This entry was posted in Wordfence, WordPress Security on May 21, 2018 by Dan Moen   8 Replies

When we think about Wordfence and how it improves your WordPress security posture, there are two core features we tend to focus on: the firewall, and the security scanner. As the first layer of defense, the Wordfence firewall gets the most attention because it blocks hackers from gaining access. But, the scanner plays an equally important role, alerting you to myriad of security findings that help you keep your site secure and respond quickly if you get hacked....read more

Wordfence GDPR Update 2: On Target For May 25th

This entry was posted in Wordfence on May 16, 2018 by Mark Maunder   21 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more....read more

Introducing Discounted Hacked Site Cleanings

This entry was posted in Wordfence, WordPress Security on May 15, 2018 by Mark Maunder   3 Replies

Last month we introduced 'high demand' pricing for our site cleaning service. We did this because demand for site cleanings is seasonal and it became a challenge for us to deal with the surges in business we would see while maintaining a high level of customer service....read more

Wordfence and GDPR: How The Defiant Team Are Preparing For GDPR

This entry was posted in Wordfence on May 9, 2018 by Mark Maunder   33 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more....read more

WordPress: Tracking Emerging Cryptomining Threats

This entry was posted in Research, Wordfence, WordPress Security on May 8, 2018 by Mark Maunder   16 Replies

This is a post written by James Yokobosky who works on the Defiant Threat Intelligence team. In his daily job he analyzes new WordPress threats as they emerge and adds detection capability to the Wordfence malware scanner. In addition to making sure we detect new malware, James also researches the pieces of malware we find to learn more about how they work, what they do and who is behind each campaign....read more

Hacked by an 11 Year Old

This entry was posted in Miscellaneous on May 3, 2018 by Mark Maunder   12 Replies

The Wordfence team recently sponsored and attended WordCamp Atlanta. Instead of doing the usual boring corporate thing with our booth, we decided to host a capture the flag, or CTF contest. A CTF is essentially a hacking contest. It is a series of puzzles that the contestant needs to solve. They might include decrypting an encrypted piece of text, performing a challenge involving a browser and website, or hacking into something we set up....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.