Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Known WordPress Threat Actor Under Investigation For Prescription-Free Online Pharmacy

This entry was posted in Miscellaneous on August 8, 2018 by Dan Moen   10 Replies

Last September we published a series of three blog posts exposing a threat actor who had purchased a number of WordPress plugins as part of an elaborate supply chain attack. This ownership enabled him to inject SEO spam into hundreds of thousands of websites, boosting search engine rankings for various illicit online businesses....read more

Brad Haas Discusses BabaYaga Malware on the CyberWire Podcast

This entry was posted in WordPress Security on July 31, 2018 by Dan Moen   0 Replies

In early June we published an article and accompanying white paper detailing an interesting malware infection which we've internally dubbed BabaYaga. The relatively sophisticated malware is unique because it contains a number of features intended to ensure the infected site remains in working order. It keeps WordPress core up to date, performs and stores backups and even scans for and removes malware....read more

Your Site Can Help Defend Millions Of Others

This entry was posted in Wordfence, WordPress Security on July 19, 2018 by Mikey Veenstra   4 Replies

As you're probably aware, Wordfence's Security Services Team (SST) provides world-class remediation services in the event that your site falls victim to malicious activity.  Our analysts combine their considerable expertise with the best threat intelligence in the industry to deliver results we're consistently proud to stand behind. To be clear, the word "consistently" is used deliberately here, as the continued reliability of our services is crucial in maintaining the trust placed in us by our users....read more

Three Incident Response Preparations You Should Be Making

This entry was posted in General Security, Learning on July 10, 2018 by Mikey Veenstra   7 Replies

In the context of cybersecurity, the adage "An ounce of prevention is worth a pound of cure" is a massive understatement. Make no mistake, the easiest way to handle a security incident is to prevent it from ever happening in the first place. We continually remind our readers about security best practices because the time spent implementing them is nominal compared to the time that would be spent responding in the aftermath of a successful attack....read more

Details of an Additional File Deletion Vulnerability – Patched in WordPress 4.9.7

This entry was posted in Vulnerabilities, Wordfence, WordPress Security on July 5, 2018 by Matt Barry   4 Replies

Today WordPress released version 4.9.7, a security release which addresses two separate arbitrary file deletion vulnerabilities requiring Author privileges. Some details can be found on the WordPress.org blog....read more

Optimizing Wordfence Security Settings: Brute Force Protection

This entry was posted in Wordfence, WordPress Security on July 5, 2018 by Kathy Zant   15 Replies

As a part of the Wordfence Client Partner initiative, we’ve recently had some in depth conversations with organizations using Wordfence at scale. These conversations have been enlightening, and we wanted to share some of the stories we’ve heard about how different organizations use Wordfence....read more

Arbitrary File Deletion Flaw Present in WordPress Core

This entry was posted in Vulnerabilities, WordPress Security on June 27, 2018 by Mikey Veenstra   41 Replies

The security community has been abuzz this week following the disclosure of a vulnerability present in all current versions of WordPress. The flaw, published in a detailed report by RIPS Technologies, allows any logged-in user with an Author role or higher to delete files on the server....read more

Top Tools for Security Analysts in 2018

This entry was posted in General Security, Research, WordPress Security on June 26, 2018 by Mikey Veenstra   4 Replies

Last spring, after discussing the tools and tech used by our team, we published a list of 51 Tools for Security Analysts. The article was well-received, and the comments offered some great suggestions to top it all off....read more

New Feature: Custom Premium Development Subdomains

This entry was posted in Wordfence on June 21, 2018 by Kathy Zant   5 Replies

Two weeks ago we announced the release of a new Wordfence feature that automatically allows Wordfence Premium customers to use their premium license key to secure a specific list of staging, development or test subdomains. This week we've taken that a step further, releasing a feature to allow your Wordfence Premium license to secure custom staging, development and staging domains....read more

BabaYaga: The WordPress Malware That Eats Other Malware

This entry was posted in Research, WordPress Security on June 6, 2018 by Mikey Veenstra   15 Replies

Recently, Defiant's analysts have been tracking a particularly sophisticated malware infection responsible for generating spam links and redirection, while still remaining relatively difficult for victims to detect....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.