Wordfence Research and News

Blog icon

Announcing Wordfence Care and Wordfence Response

Today I’m incredibly excited to announce that we are launching two new products: Wordfence Care and Wordfence Response. Let’s start with a fun animation that explains our new product suite! In the post below, I’ll describe in detail the two incredible new products we are launching and why they are essential for business owners and …
Read More

post title on background showing laptop

GoDaddy Breached – Plaintext Passwords – 1.2M Affected

There is an update available here: GoDaddy Breach Widens to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe This morning, GoDaddy disclosed that an unknown attacker had gained unauthorized access to the system used to provision the company’s Managed WordPress sites, impacting up to 1.2 million of their WordPress customers. Note that this …
Read More

PSA: Widespread Remote Working Scam Underway

I’ve just gotten off the phone with a victim of the scam that I’m about to describe. This is impacting a lot of folks, so please do spread the word. It’s infuriating. I’ll be around to reply to your comments below, but please do not engage in victim-blaming, because until you’ve actually been hit by …
Read More

On Hacking and Responsible Disclosure.

It’s Not You. It’s Them. On Hacking and Responsible Disclosure.

A story was recently posted to Hacker News celebrating a hack of IoT devices at a school that let a student and their friends rickroll the school via a video system. On the one hand, this guy is my personal hero and I want to be them. But I’m a cybersecurity professional, I run a …
Read More

Wordfence Helps Enable Education in Uganda

I want to share something very exciting and truly wonderful with you all today. Wordfence just completed a project where we partnered with Far Away Friends, a Denver-based non-profit working in partnership with local leaders in Uganda, to bring light and electricity to a school campus in a remote area of Uganda called Namasale.  I’d …
Read More

Terms of Use Violation

Wordfence is used by millions of free and paid customers around the world to secure their WordPress websites. We serve a broad range of customers across the globe, from diverse cultures, with diverse backgrounds, and who have diverse political views. As an organization, Defiant, the company that makes Wordfence, believes that everyone has the right …
Read More

Trump Campaign Site Hacked

Trump Campaign Site Hacked – What We Know & Lessons Learned

On October 27, 2020 at approximately 4:50pm Mountain Time, Donald Trump’s campaign website, www.donaldjtrump.com, was defaced. The attackers left a message claiming they had compromising information on President Trump. The defacement page contained two Monero cryptocurrency wallet IDs encouraging visitors to “vote” by sending cryptocurrency to the wallets, indicating that if the first wallet received …
Read More

COVID-19 and WordPress Community Engagement in 2020

This is an update regarding Wordfence’s community engagement in 2020 along with a recommendation for WordCamps globally and for the global WordPress community. As always, I’m taking a data-driven approach to this post. I present an update from the WHO regarding the containment of COVID-19 in China and what has worked. I then discuss what …
Read More

Wordcamp Asia Cancellation Fee Assistance Package from Wordfence

A few minutes ago it was announced that Wordcamp Asia has been cancelled due to the recent COVID-19 concerns in the region. This was a very tough call, but I believe the right one. To give you some context, I’m going to include an extract from the final part of the World Health Organization Director …
Read More

The WordPress 5.2.3 Security Release Unpacked

WordPress core version 5.2.3 has just been released. This is a security release which contains several fixes. I’m going to detail each of them below and unpack what each fix means and add any additional info that may be relevant. Seven of the eight vulnerabilities fixed in this release are cross site scripting (XSS) vulnerabilities. Wordfence …
Read More