Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Mark Maunder

How We Think About WordPress Security and Research

This entry was posted in General Security, Wordfence, WordPress Security on December 10, 2018 by Mark Maunder   0 Replies

This weekend I had a really fun conversation with Doc Pop from Torque Magazine. Torque is a great news source for WordPress news. They are part of WP Engine, but maintain editorial independence. I chatted with Doc in Nashville, in the Music City Center where WordCamp US was being held. Music City Center is an …
Read More

WordPress 5.0: How and When to Update

This entry was posted in Miscellaneous on December 05, 2018 by Mark Maunder   44 Replies

WordPress 5.0 is being released tomorrow, December 6th. This release contains a major change to the WordPress editor. The new editor, code-named Gutenberg, is a substantial leap forward in functionality. It uses a new block-based system for editing which allows you to embed a wide range of content in your posts and pages, and gives …
Read More

Using PHP 5 Becomes Dangerous in 2 Months

This entry was posted in General Security, WordPress Security on October 30, 2018 by Mark Maunder   0 Replies

WordPress, Joomla, Drupal and many other popular website CMSs were written in a programming language called PHP. PHP version 5 is about to reach end-of-life and will stop receiving security updates in two months. Many WordPress and other PHP websites remain on version 5.6 or older. Once support for PHP 5 ends in two months, …
Read More

Wordfence Is GDPR Compliant

This entry was posted in Wordfence on May 22, 2018 by Mark Maunder   65 Replies

Today the team at Defiant completed the required steps to make our organization and services GDPR compliant. Your starting point for Wordfence and GDPR should be the following page:¬†Wordfence and GDPR – General Data Protection Regulation page. On the above page you can find everything you need to ensure that you remain GDPR compliant while …
Read More

Wordfence GDPR Update 2: On Target For May 25th

This entry was posted in Wordfence on May 16, 2018 by Mark Maunder   21 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more. Preparations to get Wordfence and our organization ready for GDPR continue at Defiant and we are on schedule. Last week we sent out an update that said we¬†are applying for the Privacy Shield certification program for both EU-US and Swiss-US and will soon have …
Read More

Introducing Discounted Hacked Site Cleanings

This entry was posted in Wordfence, WordPress Security on May 15, 2018 by Mark Maunder   3 Replies

Last month we introduced ‘high demand’ pricing for our site cleaning service. We did this because demand for site cleanings is seasonal and it became a challenge for us to deal with the surges in business we would see while maintaining a high level of customer service. We have always run our site cleaning business …
Read More

Wordfence and GDPR: How The Defiant Team Are Preparing For GDPR

This entry was posted in Wordfence on May 09, 2018 by Mark Maunder   33 Replies

Update: Wordfence is now GDPR compliant. Click here to learn more. We want to send out an update on the new data protection law, the General Data Protection Regulation (GDPR), going into effect soon and how Defiant is getting ready for it. This new European law goes into effect on May 25, 2018. It is …
Read More

WordPress: Tracking Emerging Cryptomining Threats

This entry was posted in Research, Wordfence, WordPress Security on May 08, 2018 by Mark Maunder   16 Replies

This is a post written by James Yokobosky who works on the Defiant Threat Intelligence team. In his daily job he analyzes new WordPress threats as they emerge and adds detection capability to the Wordfence malware scanner. In addition to making sure we detect new malware, James also researches the pieces of malware we find …
Read More

Hacked by an 11 Year Old

This entry was posted in Miscellaneous on May 03, 2018 by Mark Maunder   12 Replies

The Wordfence team recently sponsored and attended WordCamp Atlanta. Instead of doing the usual boring corporate thing with our booth, we decided to host a capture the flag, or CTF contest. A CTF is essentially a hacking contest. It is a series of puzzles that the contestant needs to solve. They might include decrypting an …
Read More

Solved: Jetpack Generating Mysterious Admin Email Change Messages

This entry was posted in WordPress Security on May 02, 2018 by Mark Maunder   11 Replies

We’ve received quite a few questions about this in the past 24 hours, either via forums, email or twitter. Roughly 14 hours ago we started seeing reports that WordPress site owners running Jetpack were receiving emails that stated the following: You recently requested to have the administration email address on your site changed. If this …
Read More


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 90 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates