Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Podcast Episode 12: Major WhatsApp Vulnerability and Other News

This entry was posted in Podcasts on May 14, 2019 by Mark Maunder   3 Replies

This week in our news-focused episode we cover the WhatsApp zero-day vulnerability that allegedly was used to infect phones with malware by simply calling a phone with the app. We also announced a new update to the Wordfence plugin, making an updated two-factor authentication feature available to all Wordfence users. We cover a story about SIM hijacking and discuss why we need to move away from SMS 2-factor authentication. We also cover an ongoing supply-chain attack affecting thousands of sites, three antivirus companies that have been compromised, a malvertiser indictment and other stories.

Here are approximate timestamps in case you want to jump around:
0:30 WhatsApp voice calls used to inject malware
7:07 New Wordfence login security features
12:30 Ongoing supply-chain attack
18:58 SIM card hijacking campaign
22:05 Three US Antivirus companies compromised
23:55 Malvertiser compromised
30:12 Opting out of facial recognition at airports
32:48 Microsoft Word gets politically correct
37:38 Binance intrusion
41:25 Federal agencies spending millions to hack into phones

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

This week in the news we cover:

You can find me on Twitter as @mmaunder and Kathy as @kathyzant. Please don’t hesitate to post your feedback in the comments below.

Did you enjoy this post? Share it!

3 Comments on "Podcast Episode 12: Major WhatsApp Vulnerability and Other News"

Serguei Kireev May 14, 2019 at 10:59 pm

this is actually a very nice episode, thanks for whatsapp segment was really curious about that stuff

Amy May 15, 2019 at 9:47 am

So do you recommend deleting the 2fa option if we are using that in WordFence now?

Thank you for all your hard work!

Kathy Zant May 21, 2019 at 1:05 pm

Hi Amy, we'd recommend that you migrate from SMS 2-factor authentication to the authenticator-based 2FA. Make sure you save your backup codes! And stay safe! If you need any help, reach out to our support team. https://www.wordfence.com/help/

Follow Us


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 200 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates