This entry was posted in Research, WordPress Security on May 22, 2018 by Brad Haas 25 Replies
Update on May 23 at 11:50AM: A representative from WordPress.com reached out to us with the following statement:...read more
This entry was posted in Research, Vulnerabilities on March 30, 2018 by Brad Haas 0 Replies
In February, we wrote about a vulnerability on three shared hosting services. Following our Vulnerability Disclosure Policy, we had alerted them about vulnerable permissions on shared drives on their servers. They fixed the problem, making things safer both for their customers and for their customers' site visitors....read more
This entry was posted in Wordfence, WordPress Security on March 1, 2018 by Brad Haas 9 Replies
To better protect our users' websites, we work with a lot of data from sources like our Security Services Team and the Wordfence network. We try to understand not just what attackers are doing, but also how and why. Our research into a recent campaign revealed an interesting method of attack, and contributed to the development of a new feature....read more
This entry was posted in Vulnerabilities, WordPress Security on February 8, 2018 by Brad Haas 37 Replies
In mid-December we updated our Vulnerability Disclosure Policy to include Service Vulnerabilities. A service vulnerability is any issue with a technology service that represents an exploitable security risk for its users. We made this update in response to a growing trend of security issues we've been discovering in commercial services, most often WordPress hosting providers....read more
This entry was posted in Research, WordPress Security on December 19, 2017 by Brad Haas 31 Replies
On Monday we wrote about the massive spike in brute force attacks on WordPress sites that we observed. As reported, it was the most intense period of attacks we had ever recorded. We believe that a single botnet is behind the attacks....read more
This entry was posted in Research, WordPress Security on October 26, 2017 by Brad Haas 11 Replies
During the last month, the information security media has paid a lot of attention to cryptocurrency mining malware. The Wordfence team has been monitoring the situation, and we are now starting to see attacks attempting to upload mining malware, and site cleaning customers that are already infected....read more
This entry was posted in Vulnerabilities, WordPress Security on October 23, 2017 by Brad Haas 2 Replies
Last month, we identified three plugins with critical object injection vulnerabilities, all being exploited in the wild. We deployed new and improved firewall rules to block that kind of exploit....read more
This entry was posted in Vulnerabilities, WordPress Security on October 2, 2017 by Brad Haas 6 Replies
As part of our site cleaning service, our security analysts track down the method the attacker used to compromise the site. Often this involves quite a bit of investigative work, and recently it led us to find 0-day exploits in three separate plugins. The exploits were elusive: a malicious file seemed to appear out of nowhere, and even sites with access logs only showed a POST request to /wp-admin/admin-ajax.php at the time the file was created. But we captured the attacks in our threat data, and our lead developer Matt Barry was able to reconstruct the exploits. We quickly pushed new WAF rules to block these exploits. Premium customers received the new rules and were protected immediately. We also notified the plugin authors; all three have published updates to fix the vulnerabilities....read more
Protect your websites with the #1 WordPress Security Plugin
Get Premium
Over 90 million downloads
