Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Author Archive: Mark Maunder

Wordfence Is Now Defiant

This entry was posted in Wordfence on November 21, 2017 by Mark Maunder   12 Replies

Today we are announcing that our company name is changing to Defiant Inc. Over the past 5 years we have grown significantly and have expanded beyond WordPress. As a security organization, we now have a stable of products and services to offer our customers. To reflect this change, we are changing the name of the company that produces Wordfence to Defiant Inc....read more

Vulnerabilities in Formidable Forms, Duplicator and Yoast SEO Plugins

This entry was posted in Vulnerabilities, WordPress Security on November 16, 2017 by Mark Maunder   16 Replies

Vulnerabilities have been reported in the Formidable Forms, Duplicator and Yoast SEO WordPress plugins. The Premium version of Wordfence protects against all of these vulnerabilities, even if you have not updated your plugins yet. We do recommend that you update immediately, whether or not you are using the Premium version of Wordfence....read more

Your Site Reputation Makes You a Target

This entry was posted in General Security, WordPress Security on November 10, 2017 by Mark Maunder   12 Replies

I've mentioned Troy Hunt a few times on this blog. He's one of the good guys in our industry and runs a website called haveibeenpwned.com. If you want to scare your friends and family at a get together, send them to haveibeenpwned.com and get them to type in their email address. You'll discover that we've all been hacked at some point in the past decade and your data is already out there. The site will tell you which breaches you have been affected by....read more

WordPress Plugin Banned for Crypto Mining

This entry was posted in Research on November 8, 2017 by Mark Maunder   30 Replies

The WordPress plugin repository recently removed a plugin known as "Animated Weather Widget by weatherfor.us." We dug a little deeper, and it appears that the plugin was removed for including JavaScript code that would mine cryptocurrency using the CPU resources of site visitors....read more

Ask Wordfence Episode 3: Should You Hide Your WordPress Login Page?

This entry was posted in Ask Wordfence, WordPress Security on October 25, 2017 by Mark Maunder   131 Replies

In today's episode of Ask Wordfence, I answer a common question we receive from customers: Should I hide my WordPress login page?...read more

New Attacker Scanning for SSH Private Keys on Websites

This entry was posted in General Security, WordPress Security on October 18, 2017 by Mark Maunder   21 Replies

Wordfence is seeing a significant spike in SSH private key scanning activity. We are releasing this advisory to ensure that our customers and the broader WordPress community are aware of this new activity and of the risk of making private SSH keys public, and to explain how to avoid this problem....read more

PSA: Severe Vulnerability in All Wi-Fi Devices

This entry was posted in General Security on October 16, 2017 by Mark Maunder   81 Replies

This is a public service announcement (PSA) from the Wordfence team regarding a security issue that has a wide impact....read more

Ask Wordfence Episode 2: How to Secure an Old Version of WordPress

This entry was posted in Ask Wordfence, Videos on October 10, 2017 by Mark Maunder   5 Replies

Today we are publishing episode 2 of our "Ask Wordfence" series. Today's question comes from Ilko in Bulgaria who would like to know how to secure an old outdated WordPress installation....read more

Gravityscan Lowers Price and Adds Free Trial

This entry was posted in General Security on October 5, 2017 by Mark Maunder   6 Replies

We have an exciting announcement today regarding the Gravityscan project. As you know the Wordfence team launched Gravityscan on May 16th of this year. Gravityscan is designed to provide malware and vulnerability scanning for any website....read more

Ask Wordfence Episode 1: Setting Up Minimum Viable WordPress Security

This entry was posted in Ask Wordfence, Videos, WordPress Security on October 3, 2017 by Mark Maunder   28 Replies

Last week we emailed a small group of our customers asking them to contribute questions for a series of videos we will be running. We received questions from many of you, so thank you very much for participating!...read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.