Updates on CyberSecurity, WordPress and what we're cooking in the lab today.

Reminder: Popular Browsers To Distrust Symantec SSL/TLS Certificates Starting In October

This entry was posted in General Security on September 13, 2018 by James   7 Replies

This is a final reminder that legacy TLS certificates issued by Symantec, including those issued by authorities like Thawte, Geotrust, and RapidSSL which used Symantec as a central authority, will be distrusted by both Google Chrome and Mozilla Firefox beginning in October. Apple products have partially distrusted these certificates and plan to also distrust the full set of certificates at some point in Fall 2018. Digicert has acquired the Certificate Authority (CA) and its infrastructure, and is issuing free replacement certificates for all affected customers. If you have already replaced your certificate, no action is needed....read more

PSA: Multiple Vulnerabilities Present In Firefox 61

This entry was posted in General Security, Vulnerabilities on September 6, 2018 by Mikey Veenstra   2 Replies

In an advisory published yesterday, Mozilla disclosed the presence of nine security flaws in Firefox 61 which have been patched in the latest release of the browser. Some of the bugs are severe, but at this time do not appear to be receiving attacks in the wild. To protect yourself as a Firefox user, ensure that you have updated Firefox to the latest version as soon as possible. To do this, click the 'Firefox' menu and 'About Firefox'. The browser will check for an update automatically and will download the update if available. You will then be prompted to 'Restart to update Firefox'...read more

Duplicator Update Patches Remote Code Execution Flaw

This entry was posted in Vulnerabilities, WordPress Security on September 5, 2018 by Mikey Veenstra   3 Replies

A critical remote code execution (RCE) vulnerability has been patched in the latest release of Duplicator, a WordPress backup and migration plugin with millions of downloads. In their public disclosure of this flaw, Synacktiv detailed its scope and severity, and provided a viable proof of concept exploit for the security community. In this post we'll take a look at the basics of the vulnerability, what was patched, and what you can do if you think your site's at risk....read more

Ninja Forms Security Updates: What You Need To Know

This entry was posted in Vulnerabilities, WordPress Security on August 28, 2018 by Mikey Veenstra   1 Reply

Yesterday, the popular WordPress plugin Ninja Forms released version 3.3.14, which disclosed and patched two security issues present in the plugin. Upon review of these issues we've determined their severity to be moderately low, however due to the plugin's wide userbase of more than a million active installs we've elected to provide a detailed exploration of exactly what these vulnerabilities are and what risks they do pose if left unpatched. As usual, we recommend updating vulnerable versions of the plugin as soon as possible, despite the relatively low risk....read more

Wordfence: Live On Tour In A City Near You

This entry was posted in Videos, WordPress Security on August 24, 2018 by Dan Moen   12 Replies

This year we've attended and sponsored quite a few WordCamps, and have had members of our team speak at some as well. If you haven’t attended one recently we highly recommend it. They're a great opportunity to learn and connect with other members of the WordPress community....read more

Announcing Revamped Volume Pricing for Premium Licenses

This entry was posted in Wordfence on August 22, 2018 by Dan Moen   6 Replies

This year we have been very focused on the needs of agencies and other organizations with lots of sites to protect. We’ve spoken with many of you and have a clear picture of what we can do to make Wordfence work even better for you....read more

Known WordPress Threat Actor Under Investigation For Prescription-Free Online Pharmacy

This entry was posted in Miscellaneous on August 8, 2018 by Dan Moen   10 Replies

Last September we published a series of three blog posts exposing a threat actor who had purchased a number of WordPress plugins as part of an elaborate supply chain attack. This ownership enabled him to inject SEO spam into hundreds of thousands of websites, boosting search engine rankings for various illicit online businesses....read more

Brad Haas Discusses BabaYaga Malware on the CyberWire Podcast

This entry was posted in WordPress Security on July 31, 2018 by Dan Moen   0 Replies

In early June we published an article and accompanying white paper detailing an interesting malware infection which we've internally dubbed BabaYaga. The relatively sophisticated malware is unique because it contains a number of features intended to ensure the infected site remains in working order. It keeps WordPress core up to date, performs and stores backups and even scans for and removes malware....read more

Your Site Can Help Defend Millions Of Others

This entry was posted in Wordfence, WordPress Security on July 19, 2018 by Mikey Veenstra   4 Replies

As you're probably aware, Wordfence's Security Services Team (SST) provides world-class remediation services in the event that your site falls victim to malicious activity.  Our analysts combine their considerable expertise with the best threat intelligence in the industry to deliver results we're consistently proud to stand behind. To be clear, the word "consistently" is used deliberately here, as the continued reliability of our services is crucial in maintaining the trust placed in us by our users....read more

Three Incident Response Preparations You Should Be Making

This entry was posted in General Security, Learning on July 10, 2018 by Mikey Veenstra   7 Replies

In the context of cybersecurity, the adage "An ounce of prevention is worth a pound of cure" is a massive understatement. Make no mistake, the easiest way to handle a security incident is to prevent it from ever happening in the first place. We continually remind our readers about security best practices because the time spent implementing them is nominal compared to the time that would be spent responding in the aftermath of a successful attack....read more

Get the latest WordPress security updates and news

Sign up for WordPress security alerts, Wordfence product updates and security news via email.