At Wordfence, one of our goals is to empower you as much as possible to be self-sufficient, at no additional cost. To do that, we provide Wordfence as a free security plugin. Over the years we have also developed a comprehensive WordPress Security Learning Center that provides readers with a complete understanding of WordPress Security and how to run a secure website. We have also published a number of articles explaining how to recover from a hack, should that worst-case scenario ever arise....read more
In the past 24 hours, Security researcher Scott Helme discovered that a third party accessibility plugin called 'Browsealoud' had their servers compromised. The plugin relies on a website including Javascript in their content in order to work. This compromise resulted in over 4,000 websites serving up cryptomining malware....read more
This entry was posted in WordPress Security on February 8, 2018 by Mark Maunder 49 Replies
[Update at 10:50am PST: Based on the comments we've received below, it sounds like this problem only affects certain sites. We have received several reports of successful updates, although some of these may be the hosting provider updating WordPress installs manually. Overall this looks like good news for the WordPress team who reported this as a severe bug. If you have been impacted by this, let us know in the comments.]...read more
This entry was posted in WordPress Security on December 18, 2017 by Mark Maunder 50 Replies
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign we have seen to date, peaking at over 14 million attacks per hour....read more
This entry was posted in Wordfence on November 21, 2017 by Mark Maunder 12 Replies
Today we are announcing that our company name is changing to Defiant Inc. Over the past 5 years we have grown significantly and have expanded beyond WordPress. As a security organization, we now have a stable of products and services to offer our customers. To reflect this change, we are changing the name of the company that produces Wordfence to Defiant Inc....read more
Vulnerabilities have been reported in the Formidable Forms, Duplicator and Yoast SEO WordPress plugins. The Premium version of Wordfence protects against all of these vulnerabilities, even if you have not updated your plugins yet. We do recommend that you update immediately, whether or not you are using the Premium version of Wordfence....read more
I've mentioned Troy Hunt a few times on this blog. He's one of the good guys in our industry and runs a website called haveibeenpwned.com. If you want to scare your friends and family at a get together, send them to haveibeenpwned.com and get them to type in their email address. You'll discover that we've all been hacked at some point in the past decade and your data is already out there. The site will tell you which breaches you have been affected by....read more
This entry was posted in Research on November 8, 2017 by Mark Maunder 30 Replies
The WordPress plugin repository recently removed a plugin known as "Animated Weather Widget by weatherfor.us." We dug a little deeper, and it appears that the plugin was removed for including JavaScript code that would mine cryptocurrency using the CPU resources of site visitors....read more
In today's episode of Ask Wordfence, I answer a common question we receive from customers: Should I hide my WordPress login page?...read more
Wordfence is seeing a significant spike in SSH private key scanning activity. We are releasing this advisory to ensure that our customers and the broader WordPress community are aware of this new activity and of the risk of making private SSH keys public, and to explain how to avoid this problem....read more
