Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Mark Maunder

Wordfence Blog

Hacked by an 11 Year Old

This entry was posted in Miscellaneous on May 03, 2018 by Mark Maunder   12 Replies

The Wordfence team recently sponsored and attended WordCamp Atlanta. Instead of doing the usual boring corporate thing with our booth, we decided to host a capture the flag, or CTF contest. A CTF is essentially a hacking contest. It is a series of puzzles that the contestant needs to solve. They might include decrypting an …

Solved: Jetpack Generating Mysterious Admin Email Change Messages

This entry was posted in WordPress Security on May 02, 2018 by Mark Maunder   11 Replies

We’ve received quite a few questions about this in the past 24 hours, via forums, email or Twitter. Roughly 14 hours ago we started seeing reports that WordPress site owners running Jetpack were receiving emails that stated the following: You recently requested to have the administration email address on your site changed. If this …

Is WordPress Secure?

This entry was posted in General Security, WordPress Security on April 03, 2018 by Mark Maunder   31 Replies

I recently got a call from a friend I haven’t seen for a while asking me if I’d like to grab a coffee. He had a few questions about whether WordPress is secure. I’m always looking for an excuse to visit the hip Georgetown neighborhood just south of Seattle, so I jumped at the chance. …

PSA: Lessons From The Atlanta Ransomware Situation

This entry was posted in Learning, Wordfence, WordPress Security on March 27, 2018 by Mark Maunder   11 Replies

In the past few days the City of Atlanta has been hit with a ransomware attack. Several major computer systems that provide city services have been encrypted by an attacker. The attacker is demanding $51,000 worth of bitcoin to decrypt the systems, and the city has not yet ruled out paying the ransom. The attack …

PSA: Replace Your SSL/TLS Certs by Symantec, Thawte, VeriSign, Equifax, GeoTrust and RapidSSL

This entry was posted in General Security, WordPress Security on March 12, 2018 by Mark Maunder   28 Replies

This is a public service announcement and a reminder to site owners. Google’s Chrome browser has already started the process of ending support for Symantec SSL/TLS certificates. This includes companies owned by Symantec including Thawte, VeriSign, Equifax, GeoTrust and RapidSSL. Chrome 66 is ending support for Symantec certificates issued before June 1, 2016 on the …

New Guides From Wordfence To Help Clean a Hacked Website

This entry was posted in General Security, WordPress Security on March 08, 2018 by Mark Maunder   7 Replies

At Wordfence, one of our goals is to empower you as much as possible to be self-sufficient, at no additional cost. To do that, we provide Wordfence as a free security plugin. Over the years we have also developed a comprehensive WordPress Security Learning Center that provides readers with a complete understanding of WordPress Security …

Cryptomining Supply Chain Attack Hits Government Websites

This entry was posted in General Security, WordPress Security on February 11, 2018 by Mark Maunder   17 Replies

In the past 24 hours, security researcher Scott Helme discovered that a third-party accessibility plugin called ‘Browsealoud’ had its servers compromised. The plugin relies on a website including JavaScript in its content in order to work. This compromise resulted in over 4,000 websites serving up cryptomining malware. The malware uses site visitor CPUs to …

WordPress Update Breaks Future Auto-Updates. Manually Update Now!

This entry was posted in WordPress Security on February 08, 2018 by Mark Maunder   49 Replies

[Update at 10:50am PST: Based on the comments we’ve received below, it sounds like this problem only affects certain sites. We have received several reports of successful updates, although some of these may be the hosting provider updating WordPress installs manually. Overall this looks like good news for the WordPress team who reported this as …

Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

This entry was posted in WordPress Security on December 18, 2017 by Mark Maunder   50 Replies

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign …

Wordfence Is Now Defiant

This entry was posted in Wordfence on November 21, 2017 by Mark Maunder   12 Replies

Today we are announcing that our company name is changing to Defiant Inc. Over the past 5 years we have grown significantly and have expanded beyond WordPress. As a security organization, we now have a stable of products and services to offer our customers. To reflect this change, we are changing the name of the …

