Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Dan Moen

Wordfence Blog

Major Central Release: Alerts, Security Events and Slack Integration

This entry was posted in Wordfence on June 18, 2019 by Dan Moen   4 Replies

In February we launched Wordfence Central, an efficient way to manage the security of many WordPress sites in one place. If you have multiple sites and haven’t checked it out yet, you should. It includes a powerful dashboard, a single interface to view and manage security findings across all of your sites and robust new …
Read More

Announcing 3 New Login Security Features

This entry was posted in Wordfence, WordPress Security on May 14, 2019 by Dan Moen   23 Replies

Spend any time looking at blocked attacks in Wordfence Live Traffic and you’ll walk away worried about login security. WordPress sites are under constant attack by bots attempting to guess your users’ passwords. A lot of these attacks simply test lists of commonly used passwords along with usernames they think you may have chosen, like …
Read More

Podcast Episode 11: The Dave Ryan Interview

This entry was posted in Podcasts on May 10, 2019 by Dan Moen   0 Replies

Today we’ve published episode 11 of Think Like a Hacker. As we mentioned earlier in the week, we’ve switched to a new format beginning this week, separating the news and our interview into two episodes. In today’s interview-focused episode we talk to Dave Ryan at WordCamp Orange County. Dave Ryan is an Interdisciplinary WordPress Developer …
Read More

Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild

This entry was posted in Vulnerabilities, WordPress Security on April 10, 2019 by Dan Moen   30 Replies

The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day. The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild. These …
Read More

Introducing Wordfence Central

This entry was posted in Wordfence on February 06, 2019 by Dan Moen   19 Replies

Over the last several months, we have been focused on making Wordfence a better option for organizations with a large number of WordPress sites to protect. To start, we added the ability to secure your staging and development environments with a single Wordfence premium license, something you should take advantage of if you haven’t already. …
Read More

Analyzing a Week of Blocked Attacks

This entry was posted in Wordfence, WordPress Security on January 22, 2019 by Dan Moen   13 Replies

If you’ve never taken a few minutes to look at the information available in the Wordfence Live Traffic feature, I strongly recommend it. It gives you a detailed look at what attackers are trying to do to break into your site, and how Wordfence is blocking them. For today’s post we analyzed all of the …
Read More

WordPress 5.0.1 Security Release – Immediate Update Recommended

This entry was posted in WordPress Security on December 13, 2018 by Dan Moen   12 Replies

WordPress 5.0.1 was released Wednesday night, less than a week after the much anticipated release of WordPress 5.0. This security release fixes seven security vulnerabilities, a few of which are quite serious. Sites running versions in the 4.x branch of WordPress core are also impacted by some of the issues. WordPress 4.9.9 was released along …
Read More

Video: WordCamp Atlanta Security Panel with Wordfence

This entry was posted in Wordfence, WordPress Security on October 18, 2018 by Dan Moen   6 Replies

In April, Wordfence sponsored WordCamp Atlanta and several of our team members attended the event. While there, we held a capture the flag (CTF) contest, which helps WordPress site owners learn to think like a hacker so that they can better defend their websites. Part of hacker culture is the art of lock picking, which …
Read More

Meet the Defiant Team

This entry was posted in Wordfence on September 25, 2018 by Dan Moen   13 Replies

In August, most of our team attended DefCon, a hacker conference in Las Vegas attended by tens of thousands of security professionals. All of us work remotely, so it is always really special to spend time together as a team. While we were there we completed a fun project. We created a video with footage …
Read More

Wordfence: Live On Tour In A City Near You

This entry was posted in Videos, WordPress Security on August 24, 2018 by Dan Moen   12 Replies

This year we’ve attended and sponsored quite a few WordCamps, and have had members of our team speak at some as well. If you haven’t attended one recently we highly recommend it. They’re a great opportunity to learn and connect with other members of the WordPress community. WPCampus Highlights While not strictly a WordCamp, in …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 100 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates