Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Author Archive: Kathy Zant

Wordfence Blog

Happening Now: Over 2 Percent of Sites Using a Let’s Encrypt TLS Certificate May Throw Security Warnings

This entry was posted in General Security, WordPress Security on March 03, 2020 by Kathy Zant   5 Replies

On Wednesday, March 4, 2020, 3 million Transport Layer Security (TLS) certificates issued by Let’s Encrypt will be revoked because of a Certificate Authority Authorization (CAA) bug. This is 2.6% of the over 116 million active certificates issued by Let’s Encrypt. Let’s Encrypt has contacted all certificate holders affected by this bug, and they’ve created …

Episode 68: More Plugin Vulnerabilities and Active Attack Campaigns

This entry was posted in Podcasts on February 29, 2020 by Kathy Zant   0 Replies

This week, we review numerous plugin vulnerabilities in popular WordPress plugins and the attacks that are targeting them. We also review the Duplicator vulnerability affecting over 1 million sites, and Chloe Chamberland’s discovery of multiple vulnerabilities in the Pricing Table by Supsystic plugin. Some WordPress-focused companies, Elementor and Strattic, receive venture funding. We also ask …

Episode 67: Avoiding Common Vulnerabilities When Developing WordPress Plugins

This entry was posted in Podcasts on February 28, 2020 by Kathy Zant   0 Replies

Almost every week, a new vulnerability is discovered in a popular WordPress plugin or theme, leaving developers scrambling to fix it before it’s widely exploited. Surprisingly, almost all critical vulnerabilities boil down to a few common mistakes. In this talk from WordCamp Phoenix, Ramuel Gall reviews these common errors and provides advice on creating secure …

Episode 66: New Plugin Vulnerabilities & Succeeding as a Digital Nomad with Chloe at WCPHX

This entry was posted in Podcasts on February 21, 2020 by Kathy Zant   0 Replies

It has been a busy week in WordPress security with active attacks on a number of plugins including ThemeRex Addons and Theme Grill Demo Importer plugins. In this week’s Think Like a Hacker, we look at what’s happening, review what a zero-day vulnerability is, and give you some advice on keeping WordPress installations clean and …

Episode 65: WordCamp Asia Cancellation Prompts Community Support

This entry was posted in Podcasts on February 14, 2020 by Kathy Zant   0 Replies

WordCamp Asia was cancelled this week due to concerns of COVID-19/coronavirus in the region. This week, Wordfence CEO Mark Maunder talks about the decision to offer the WordCamp Asia Cancellation Fee Assistance Package to attendees, volunteers, organizers, and speakers that had planned to travel to this inaugural regional WordCamp. We also cover a number of …

Podcast Episode 64: Backdoors, Webshells, and the Growing Risks of Leaks & Breaches

This entry was posted in Podcasts on February 08, 2020 by Kathy Zant   0 Replies

We take a look at the annual hacked site report from GoDaddy’s Sucuri Security and the types of malware they found in various CMS and shopping cart applications. Microsoft reports they’re finding 77k webshells daily, and WP Scan’s roundup lists a number of popular plugins and themes with recent vulnerabilities. A report from students at …

Podcast Episode 63: Succeeding as a Remote Working Nomad with Chloe Chamberland

This entry was posted in Podcasts on January 31, 2020 by Kathy Zant   0 Replies

Chloe Chamberland never wanted to get into security, and yet in the last three years, she has emerged as one of our most effective and prolific threat researchers. Not only does she find vulnerabilities in numerous popular plugins, she also travels the world while doing so. Chloe talked to me from a cabin in a …

Episode 62: 2019 Think Like a Hacker Highlights

This entry was posted in Podcasts on December 20, 2019 by Kathy Zant   0 Replies

We’ve had quite a year with Think Like a Hacker, the podcast about WordPress, security and innovation. For this end of year episode, we take a look back at a few of our favorite interviews and news stories. We review conversations with Josepha Haden, Brandy Lawson, Jennifer Bourn, Matt Cromwell, and we look back at …

Episode 61: Improving Website Performance and User Experiences with Dave Ryan

This entry was posted in Podcasts on December 18, 2019 by Kathy Zant   0 Replies

With Google Chrome experimenting with a badge of shame for websites that load slowly in Chrome, there is a new urgency for high performance interfaces for web users. Gatsby, Gridsome and other static site interfaces are hot in the development community right now, especially when talking about headless WordPress. At WordCamp US, Mark chats with …

Podcast Episode 60: Top WordPress Influencer Lists & Chrome Password Security Improvements

This entry was posted in Podcasts on December 12, 2019 by Kathy Zant   0 Replies

A small furor erupted over a top influencers in WordPress list that neglected to show the diverse nature of the WordPress community. We talk about the impossibility of making an accurate list that reflects the true nature of WordPress influence or contribution, and the diversity we saw during our work on Open, our film project …
