Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Category Archive: PSA

Wordfence Blog

GoDaddy Breach Widens to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe

This entry was posted in General Security, PSA, WordPress Security on November 23, 2021 by Ram Gall   9 Replies

Yesterday GoDaddy disclosed a massive data breach impacting over 1.2 Million customers. Today, we received confirmation from GoDaddy that multiple brands that resell GoDaddy Managed WordPress were impacted. The brands impacted include: tsoHost Media Temple 123Reg Domain Factory Heart Internet Host Europe According to Dan Rice, VP of Corporate Communications at GoDaddy, “The GoDaddy brands …
Read More

GoDaddy Breached – Plaintext Passwords – 1.2M Affected

This entry was posted in General Security, PSA, WordPress Security on November 22, 2021 by Mark Maunder   38 Replies

There is an update available here: GoDaddy Breach Widens to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe This morning, GoDaddy disclosed that an unknown attacker had gained unauthorized access to the system used to provision the company’s Managed WordPress sites, impacting up to 1.2 million of their WordPress customers. Note that this …
Read More

PSA: Widespread Remote Working Scam Underway

This entry was posted in General Security, PSA on October 28, 2021 by Mark Maunder   57 Replies

I’ve just gotten off the phone with a victim of the scam that I’m about to describe. This is impacting a lot of folks, so please do spread the word. It’s infuriating. I’ll be around to reply to your comments below, but please do not engage in victim-blaming, because until you’ve actually been hit by …
Read More

It’s Not You. It’s Them. On Hacking and Responsible Disclosure.

This entry was posted in General Security, PSA on October 15, 2021 by Mark Maunder   17 Replies

A story was recently posted to Hacker News celebrating a hack of IoT devices at a school that let a student and their friends rickroll the school via a video system. On the one hand, this guy is my personal hero and I want to be them. But I’m a cybersecurity professional, I run a …
Read More

Malicious Attack Campaign Targeting Jetpack Users Reusing Passwords

This entry was posted in PSA, Research, WordPress Security on June 11, 2021 by Ram Gall   10 Replies

The Wordfence Threat Intelligence and Site Cleaning teams have been tracking a malware campaign that redirects all site visitors to malvertising domains, while attempting to keep site administrators unaware of the infection. Since June 1, 2021, the number of sites we are tracking that have been infected with this malware has more than doubled, and …
Read More

Follow Us

      


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 200 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates