Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Category Archive: Research

The December 2016 WordPress Attack Activity Report

This entry was posted in General Security, Research, Wordfence, WordPress Security on January 5, 2017 by Mark Maunder   50 Replies   

This week we are introducing something new. At the beginning of each month we will be doing a monthly WordPress security report. We will look at the attack data for the previous month from the 1st to the end of the month and provide a report and analysis on the attack activity we have seen on WordPress websites....read more

Election Hack Report FAQ: What You Need to Know

This entry was posted in General Security, Miscellaneous, Research, Wordfence, WordPress Security on January 2, 2017 by Mark Maunder   13 Replies   

On Friday we published an analysis of the FBI and DHS Grizzly Steppe report. The report was widely seen as proof that Russian intelligence operatives hacked the US 2016 election. We showed that the PHP malware in the report is old, freely available from a Ukrainian hacker group and is an administrative tool for hackers....read more

US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

This entry was posted in General Security, Miscellaneous, Research, WordPress Security on December 30, 2016 by Mark Maunder   137 Replies   

Update at 1am Pacific Time, Monday morning Jan 2nd: Please note that we have published a FAQ that accompanies this report. It contains a summary of our findings and answers several other questions our readers have had. It also provides some background on our methodology. You can read it either before or after reading this report. The original report follows:...read more

Who is Really Behind the Ukrainian Brute Force Attacks?

This entry was posted in General Security, Research, Wordfence, WordPress Security on December 19, 2016 by Mark Maunder   43 Replies   

Last Friday we published a report showing a significant increase in Brute Force Attacks. We showed that most of the attacks are originating in Ukraine and we shared the most active IP addresses with you....read more

Gravatar Advisory: How to Protect Your Email Address and Identity

This entry was posted in General Security, Learning, Research, WordPress Security on December 8, 2016 by Mark Maunder   47 Replies   

Update: We've added comments at the end of the post pointing out that the National Institute of Standards and Technology (NIST) considers an email address to be personally identifiable information or PII....read more

Revslider, MailPoet, GravityForms Exploits Bypass Cloudflare WAF

This entry was posted in General Security, Research, Wordfence, WordPress Security on October 19, 2016 by Mark Maunder   36 Replies   

Update: We have received reports from a plugin vendor that there may be some confusion about whether or not the plugins referred to in this post are still vulnerable. The vulnerabilities we refer to in Revolution Slider, MailPoet, Gravity Forms and Timthumb have been fixed since they were first discovered. There are new, updated versions of all of these plugins available and these updates have been available for some time. If you use any of these products, we encourage you to update to their newest versions....read more

18X Speedup in Wordfence Scan

This entry was posted in Research, Wordfence, WordPress Security on September 28, 2016 by Mark Maunder   14 Replies   

Wordfence 6.2.0 was released yesterday and it includes something really special: a huge improvement in scan performance. I'm going to share with you what changed and why Wordfence 6.2.0 is the same great quality malware and security scan running up to 18X faster....read more

Hacking a WordPress Botnet

This entry was posted in General Security, Research, WordPress Security on August 23, 2016 by Mark Maunder   116 Replies   

While analyzing some of the attacks we see on the Wordfence Web Application Firewall, we discovered code that an attacker was trying to upload that was part of a botnet. In case you're not in the information security space, a botnet is a network of 'bot' or 'zombie' machines that is controlled from a central command and control or C&C server....read more

Top 50 Most Attacked WordPress Plugins This Week

This entry was posted in Research, Vulnerabilities, Wordfence, WordPress Security on August 17, 2016 by Mark Maunder   56 Replies   

Last week we shared the top 20 most attacked WordPress themes and an explanation of why many of them are targeted. This week we've dug deep into the data and we are publishing the top 50 most attacked WordPress plugins during the past 7 days....read more

404 to 301 Plugin Considered Harmful

This entry was posted in Research, WordPress Security on August 16, 2016 by Mark Maunder   47 Replies   

Yesterday we received a site cleaning request where one of our customers was seeing spammy links, Payday Loans in this case, injected into their WordPress website page content. The links were only appearing when the site was visited by a search engine crawler. This is common when a site has been hacked....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.