Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Podcast Episode 21: New Plugin Vulns Exploited in the Wild, an Extortion Scam and the CBP Data Breach

This entry was posted in Podcasts on June 11, 2019 by Kathy Zant   5 Replies

This week, we discuss active exploitation of a plugin vulnerability in the wild, an extortion scam hitting numerous website owners, exposure of Industrial Control Systems to attackers as well as a CBP breach affecting travelers in the United States. We also talk about an email server vulnerability and what to do in a SIM port attack.

Here are approximate timestamps in case you want to jump around:
0:35 User Submitted Posts Plugin Vulnerability Seeing Attacks
4:20 An extortion scam is threatening website owners & how to protect your site
10:10 CBP breach of license plates and facial recognition data affecting US travelers
16:54 WordPress accessibility proposal
25:25 Google Cloud outage affects numerous services
26:59 State of Industrial Control Systems in Poland and Switzerland
36:00 Severe RCE in Exim mail transfer agent
37:09 What to do when SIM swapping happens to you

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

This week in the news we cover:

You can find Mark on Twitter as @mmaunder and Kathy as @kathyzant. Please feel free to post your feedback in the comments below.

Did you enjoy this post? Share it!

5 Comments on "Podcast Episode 21: New Plugin Vulns Exploited in the Wild, an Extortion Scam and the CBP Data Breach"

Randy June 11, 2019 at 4:53 pm

Thank you guy's so much for such great information in your videos and especially Wordfence for protection of our websites.

Kathy Zant June 11, 2019 at 6:03 pm

Thanks for listening/watching, Randy! And thank you for using Wordfence.

Blaise June 12, 2019 at 1:11 am

Excellent content and good production quality.
However personnally I prefer the written format for this kind of information. I understand that some users might enjoy listening to security topics during their commute, but I prefer the speed of being able to read and zoom into what I'm interested in.
Perhaps a written transcript of the podcast might be the "best of both worlds" solution?

Kathy Zant June 12, 2019 at 6:48 am

Hi Blaise,

Thanks for the feedback! We'll look into the ease of providing transcripts. The YouTube video does have transcripts available. You can click the ellipsis under the video to navigate to "open transcript." I hope that helps!

Kevin June 12, 2019 at 3:56 am

Than-you for the excellent Podcast and of course great product.
Accessibility is about inclusion and mindfulness. As an activist in South Africa, we have to fight tooth and nail for what is law and morally correct. From fighting against parking in disabled bays, UA building law and compliance, public transport and basic amenities like kurb cuts in pavements.
So what applies in the physical world is also then occurs in the Digital World.

We found that once barriers to inclusion are removed people with "differentabilities" are able to move into those spaces to work or enjoy. We are by nature exclusive so we need to change our ways to be more inclusive.
And start getting used to neural diversity.

Follow Us


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 100 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates