Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Author Archive: Mark Maunder

PSA: OneLogin Breached. Here’s What You Need to Do.

This entry was posted in General Security on June 1, 2017 by Mark Maunder   19 Replies

This is a public service announcement from Wordfence. We are sending this notice to the WordPress community due to the widespread nature and potential severity of this security issue. It has a high likelihood of impacting some of our readers and requires immediate action on their part....read more

Wordfence Launches WordPress Security Audit Service

This entry was posted in General Security, Wordfence, WordPress Security on May 23, 2017 by Mark Maunder   42 Replies

This morning I am very excited to announce that Wordfence is officially launching a WordPress Security Audit service. Many of our customers have asked us for a service like this and it has finally arrived....read more

WordPress 4.7.5 Security Release – Immediate Update Recommended

This entry was posted in WordPress Security on May 17, 2017 by Mark Maunder   10 Replies

A few hours ago WordPress abruptly released 4.7.5 which is a security release. It fixes six vulnerabilities which are detailed on the wordpress.org blog....read more

Announcing Gravityscan

This entry was posted in General Security on May 16, 2017 by Mark Maunder   58 Replies

Today the Wordfence team has a big announcement. We are launching Gravityscan.com, a completely free vulnerability and malware scanner. You can use Gravityscan to find out if your website has been hacked and if you have any security problems that may lead to a hack in future....read more

New WannaCry Ransomware and How to Protect Yourself

This entry was posted in General Security on May 14, 2017 by Mark Maunder   72 Replies

This is another Wordfence public service announcement (PSA) that describes new WannaCry ransomware variants that have emerged in the past few hours and describes how to protect yourself against the WannaCry ransomware, also known as the WannaCrypt ransomware. We occasionally send out alerts that are outside the WordPress space when we feel that they are in the interests of our WordPress publishers and the broader global community. This is, unfortunately, one of those alerts....read more

22 Abandoned WordPress Plugins with Vulnerabilities

This entry was posted in Wordfence, WordPress Security on May 10, 2017 by Mark Maunder   41 Replies

As an interesting research project, Pan Vagenas, one of our researchers, took a closer look at abandoned plugins in the WordPress repository. His work was inspired by a recent post by Isabel Castillo where she lists the oldest abandoned plugins in the WordPress plugin repository....read more

The April 2017 WordPress Attack Report

This entry was posted in Monthly Attack Activity Report, Wordfence, WordPress Security on May 4, 2017 by Mark Maunder   17 Replies

Today we are releasing the WordPress Attack Report for April, 2017. You can also find these previous attack reports on our blog:...read more

Home Router Botnet Shut Down in Past 72 Hours. Who did it?

This entry was posted in Research, Wordfence, WordPress Security on May 2, 2017 by Mark Maunder   19 Replies

On April 11th, 3 weeks ago, we published a story discussing routers at a specific set of ISPs that have been hacked. These routers have been used to launch attacks on WordPress websites. The ISPs with compromised routers included Telecom Algeria, BSNL in India, PLDT in the Philippines and many more large ISPs around the world....read more

20 Minutes to a Secure WordPress Website

This entry was posted in Wordfence, WordPress Security on April 25, 2017 by Mark Maunder   33 Replies

Securing WordPress has become easy thanks to the amazing work the WordPress team continuously do to fix vulnerabilities and improve the security of the platform. With the addition of Wordfence, it is possible to run a secure WordPress site and sleep well at night knowing your investment is safe....read more

51 Tools for Security Analysts

This entry was posted in General Security, Research, WordPress Security on April 20, 2017 by Mark Maunder   17 Replies

Yesterday at Wordfence we had an "all welcome" technology sharing meeting with the entire company - or at least everyone that was available at the time. The meeting became so popular with our team that we had to upgrade the license we use for our real-time collaboration service to accommodate everyone. It is the largest team meeting we have had to date....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.