This entry was posted in General Security, WordPress Security on October 18, 2017 by Mark Maunder 11 Replies
Wordfence is seeing a significant spike in SSH private key scanning activity. We are releasing this advisory to ensure that our customers and the broader WordPress community are aware of this new activity and of the risk of making private SSH keys public, and to explain how to avoid this problem....read more
This entry was posted in General Security on October 16, 2017 by Mark Maunder 77 Replies
This is a public service announcement (PSA) from the Wordfence team regarding a security issue that has a wide impact....read more
This entry was posted in General Security on October 5, 2017 by Mark Maunder 6 Replies
We have an exciting announcement today regarding the Gravityscan project. As you know the Wordfence team launched Gravityscan on May 16th of this year. Gravityscan is designed to provide malware and vulnerability scanning for any website....read more
This entry was posted in General Security, WordPress Security on September 13, 2017 by Mark Maunder 161 Replies
This post is part of a series. This is the second post and a follow-up to our first story titled "Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites". There is a third post in this series which explains how the same spammer influenced a total of 9 WordPress plugins over a 4.5 year period....read more
This entry was posted in General Security on September 5, 2017 by Mark Maunder 3 Replies
You have probably noticed the gradual increase in the number of ads over the past two years selling "cyber insurance," or insurance that covers a hack. The market for this kind of insurance has been growing....read more
This entry was posted in General Security, WordPress Security on August 24, 2017 by Mark Maunder 32 Replies
Dreamhost is currently experiencing a DDoS attack. I am updating this post in real-time as the situation unfolds. Last update was at 10:46am PST. ~Mark Maunder...read more
This entry was posted in General Security on August 17, 2017 by Mark Maunder 27 Replies
This is a public service announcement from the Wordfence team regarding a security issue that has a wide impact. During the past 3 months, eight Chrome browser extensions were compromised and the attacker used them to steal Cloudflare credentials and serve up malicious ads....read more
This entry was posted in General Security, Research on July 7, 2017 by Mark Maunder 5 Replies
Author's note: This is a technical blog post which I'm hoping server administrators and web hosting providers will find helpful. It also includes malware history and video footage which I hope you enjoy. ~Mark Maunder...read more
This entry was posted in General Security on June 27, 2017 by Mark Maunder 37 Replies
Updated 3:19PM Pacific Time: A method to 'vaccinate' yourself against this ransomware variant has been found. I have posted details towards the end of the post along with a batch file you can run. It is as simple as creating the file C:\Windows\perfc and marking it read-only....read more
This entry was posted in General Security on June 1, 2017 by Mark Maunder 19 Replies
This is a public service announcement from Wordfence. We are sending this notice to the WordPress community due to the widespread nature and potential severity of this security issue. It has a high likelihood of impacting some of our readers and requires immediate action on their part....read more
Protect your websites with the #1 WordPress Security Plugin
Get Premium
Over 50 million downloads
