This entry was posted in Research, Wordfence, WordPress Security on December 05, 2018 by Mikey Veenstra 17 Replies
The Defiant Threat Intelligence team recently began tracking the behavior of an organized brute force attack campaign against WordPress sites. This campaign has created a botnet of infected WordPress websites to perform its attacks, which attempt XML-RPC authentication to other WordPress sites in order to access privileged accounts. Between Wordfence’s brute force protection and the premium real-time …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on November 20, 2018 by Mikey Veenstra 19 Replies
News broke last week disclosing a number of vulnerabilities in the AMP For WP plugin, installed on over 100,000 WordPress sites. WordPress contributor Sybre Waaijer identified the security issue and confidentially disclosed it to the WordPress plugins team. To exploit the flaw, an attacker needs to have a minimum of subscriber-level access on a vulnerable site. The …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on November 09, 2018 by Mikey Veenstra 19 Replies
Earlier this week the WP GDPR Compliance plugin was briefly removed from the WordPress.org repository after the discovery of critical security issues impacting its users. In yesterday’s post, we provided some details regarding these issues and illustrated their severity. In the hours since that post was published, our team has continued tracking the adversaries seeking …
Read More
This entry was posted in Vulnerabilities, WordPress Security on November 08, 2018 by Mikey Veenstra 23 Replies
After its removal from the WordPress plugin repository yesterday, the popular plugin WP GDPR Compliance released version 1.4.3, an update which patched multiple critical vulnerabilities. At the time of this writing, the plugin has been reinstated in the WordPress repository and has over 100,000 active installs. The reported vulnerabilities allow unauthenticated attackers to achieve privilege escalation, …
Read More
This entry was posted in Miscellaneous on October 31, 2018 by Mikey Veenstra 0 Replies
Among a plethora of reasons to enjoy working here, we at Defiant are particularly vocal about our love for the remote office. A team spread across timezones and continents might sound like a challenge in group cohesion, but even though we’re divided geographically, we’ve forged a great culture that a breakroom ping-pong table just can’t …
Read More
This entry was posted in General Security, WordPress Security on October 02, 2018 by Mikey Veenstra 20 Replies
Considering the amount of malicious activity that takes place on the internet, it’s no surprise that successful attacks on WordPress sites are launched across a wide variety of vectors. Whether outdated plugin code is to blame, or password reuse, or any number of other security flaws, no site owner sets out to introduce a vulnerability …
Read More
This entry was posted in General Security, WordPress Security on September 18, 2018 by Mikey Veenstra 13 Replies
Last week’s article covering the decision to distrust Symantec-issued TLS certificates generated a great response from our readers. One common question we received, and one that pops up just about any time SSL/TLS comes up, is how to determine when a site does and does not need such a certificate. Spoiler: Your site should probably …
Read More
This entry was posted in General Security, Vulnerabilities on September 06, 2018 by Mikey Veenstra 2 Replies
In an advisory published yesterday, Mozilla disclosed the presence of nine security flaws in Firefox 61 which have been patched in the latest release of the browser. Some of the bugs are severe, but at this time do not appear to be receiving attacks in the wild. To protect yourself as a Firefox user, ensure …
Read More
This entry was posted in Vulnerabilities, WordPress Security on September 05, 2018 by Mikey Veenstra 3 Replies
A critical remote code execution (RCE) vulnerability has been patched in the latest release of Duplicator, a WordPress backup and migration plugin with millions of downloads. In their public disclosure of this flaw, Synacktiv detailed its scope and severity, and provided a viable proof of concept exploit for the security community. In this post we’ll …
Read More
This entry was posted in Vulnerabilities, WordPress Security on August 28, 2018 by Mikey Veenstra 1 Reply
Yesterday, the popular WordPress plugin Ninja Forms released version 3.3.14, which disclosed and patched two security issues present in the plugin. Upon review of these issues we’ve determined their severity to be moderately low, however due to the plugin’s wide userbase of more than a million active installs we’ve elected to provide a detailed exploration …
Read More
