Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Author Archive: Mark Maunder

Wordfence Is GDPR Compliant

This entry was posted in Wordfence on May 22, 2018 by Mark Maunder   65 Replies

Today the team at Defiant completed the required steps to make our organization and services GDPR compliant....read more

Wordfence GDPR Update 2: On Target For May 25th

This entry was posted in Wordfence on May 16, 2018 by Mark Maunder   21 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more....read more

Introducing Discounted Hacked Site Cleanings

This entry was posted in Wordfence, WordPress Security on May 15, 2018 by Mark Maunder   3 Replies

Last month we introduced 'high demand' pricing for our site cleaning service. We did this because demand for site cleanings is seasonal and it became a challenge for us to deal with the surges in business we would see while maintaining a high level of customer service....read more

Wordfence and GDPR: How The Defiant Team Are Preparing For GDPR

This entry was posted in Wordfence on May 9, 2018 by Mark Maunder   33 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more....read more

WordPress: Tracking Emerging Cryptomining Threats

This entry was posted in Research, Wordfence, WordPress Security on May 8, 2018 by Mark Maunder   16 Replies

This is a post written by James Yokobosky who works on the Defiant Threat Intelligence team. In his daily job he analyzes new WordPress threats as they emerge and adds detection capability to the Wordfence malware scanner. In addition to making sure we detect new malware, James also researches the pieces of malware we find to learn more about how they work, what they do and who is behind each campaign....read more

Hacked by an 11 Year Old

This entry was posted in Miscellaneous on May 3, 2018 by Mark Maunder   12 Replies

The Wordfence team recently sponsored and attended WordCamp Atlanta. Instead of doing the usual boring corporate thing with our booth, we decided to host a capture the flag, or CTF contest. A CTF is essentially a hacking contest. It is a series of puzzles that the contestant needs to solve. They might include decrypting an encrypted piece of text, performing a challenge involving a browser and website, or hacking into something we set up....read more

Solved: Jetpack Generating Mysterious Admin Email Change Messages

This entry was posted in WordPress Security on May 2, 2018 by Mark Maunder   11 Replies

We've received quite a few questions about this in the past 24 hours, either via forums, email or twitter. Roughly 14 hours ago we started seeing reports that WordPress site owners running Jetpack were receiving emails that stated the following:...read more

Is WordPress Secure?

This entry was posted in General Security, WordPress Security on April 3, 2018 by Mark Maunder   31 Replies

I recently got a call from a friend I haven't seen for a while asking me if I'd like to grab a coffee. He had a few questions about whether WordPress is secure. I'm always looking for an excuse to visit the hip Georgetown neighborhood just south of Seattle, so I jumped at the chance. Plus Chris is an all-round awesome guy who works for a well-known social media startup, so I wanted an update!...read more

PSA: Lessons From The Atlanta Ransomware Situation

This entry was posted in Learning, Wordfence, WordPress Security on March 27, 2018 by Mark Maunder   11 Replies

In the past few days the City of Atlanta has been hit with a ransomware attack. Several major computer systems that provide city services have been encrypted by an attacker. The attacker is demanding $51,000 worth of bitcoin to decrypt the systems, and the city has not yet ruled out paying the ransom. The attack occurred five days ago, and as of this writing, the systems remain inaccessible....read more

PSA: Replace Your SSL/TLS Certs by Symantec, Thawte, VeriSign, Equifax, GeoTrust and RapidSSL

This entry was posted in General Security, WordPress Security on March 12, 2018 by Mark Maunder   28 Replies

This is a public service announcement and a reminder to site owners. Google's Chrome browser has already started the process of ending support for Symantec SSL/TLS certificates. This includes companies owned by Symantec including Thawte, Verisign, Equifax, GeoTrust and RapidSSL....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.