Think Like a Hacker Ep 65 WC Asia canceled

2020.02.14

Episode 65: WordCamp Asia Cancellation Prompts Community Support

WordCamp Asia was cancelled this week due to concerns of COVID-19/coronavirus in the region. This week, Wordfence CEO Mark Maunder talks about the decision to offer the WordCamp Asia Cancellation Fee Assistance Package to attendees, volunteers, organizers, and speakers that had planned to travel to this inaugural regional WordCamp.

We also cover a number of WordPress plugin vulnerabilities disclosed this week affecting hundreds of thousands of sites, and over 500 malicious Chrome extensions removed from the Chrome Web Store affecting millions of browsers worldwide.

Episode 64

2020.02.08

Podcast Episode 64: Backdoors, Webshells, and the Growing Risks of Leaks & Breaches

We take a look at the annual hacked site report from GoDaddy’s Sucuri Security and the types of malware they found in various CMS and shopping cart applications. Microsoft reports they’re finding 77k webshells daily, and WP Scan’s roundup lists a number of popular plugins and themes with recent vulnerabilities. A report from students at Harvard University exposes the growing risks of online leaks & breaches.

Think Like a Hacker Episode 63

2020.01.31

Episode 63: Succeeding as a Remote Working Nomad with Chloe Chamberland

Chloe Chamberland never wanted to get into security, and yet in the last three years, she has emerged as one of our most effective and prolific threat researchers. Not only does she find vulnerabilities in numerous popular plugins, she also travels the world while doing so. Chloe talked to me from a cabin in a remote area of Alaska, where she saw a moose for the first time. Chloe talks about how she got started in security and gives advice for young people who think they might enjoy security research. She also tells us why she loves speaking at WordCamps, the scariest vulnerability she’s discovered, and how she’s working with more developers to make their code secure.

In the news, I cover some recent WordPress plugin vulnerabilities, why cloud firewalls can be bypassed, and what site owners might need to watch for in Google Chrome’s upcoming SameSite cookie changes.

Think Like a Hacker Episode 61 Dave Ryan

2019.12.18

Episode 61: Improving Website Performance and User Experiences with Dave Ryan

With Google Chrome experimenting with a badge of shame for websites that load slowly in Chrome, there is a new urgency for high performance interfaces for web users. Gatsby, Gridsome and other static site interfaces are hot in the development community right now, especially when talking about headless WordPress.

At WordCamp US, Mark chats with Dave Ryan about these technologies, reminding us that no matter the technology we use to create a website, our decisions during development matter to the end users’ experience.

Think Like a Hacker Episode 60

2019.12.12

Episode 60: Top WordPress Influencer Lists & Chrome Password Security Improvements

A small furor erupted over a top influencers in WordPress list that neglected to show the diverse nature of the WordPress community. We talk about the impossibility of making an accurate list that reflects the true nature of WordPress influence or contribution, and the diversity we saw during our work on Open, our film project about the WordPress community. We also talk about Google plans to give slow websites a new badge of shame in Chrome, password security updates in Chrome 79, and the DHS reconsiders a plan to use facial-recognition technology on all U.S. citizens traveling internationally.

Kim Gjerstad Think Like a Hacker

2019.12.10

Episode 59: Mailpoet’s Kim Gjerstad on Beating Spammers and Improving Net Promoter Scores

Kim Gjerstad, one of the founders of Mailpoet, visited with Mark at the Wordfence booth at WordCamp US. Kim and Mark talked about the origins of Mailpoet, the plugin that gives users a full email management system within the WordPress administrative dashboard. They talk about email deliverability as well as the challenges of fighting email abuse, a constant battle that Mailpoet is winning.

They also talk about net promoter scores and what it means for the success of a SaaS business.

Think Like a Hacker Episode 58

2019.12.06

Episode 58: Leadership and the Business of WordPress Plugins: Lessons from the Yoast Black Friday Ad

Yoast, the SEO plugin installed on 9 million WordPress sites, ran a Black Friday sale, experimenting with an ad in the WordPress admin dashboard. The internet furor was dramatic, and Yoast’s CEO Marieke van de Rakt took ownership, showing exceptional leadership. We discuss the ad and the response from both users and competitors and the challenges of running a plugin business under a freemium model. We also cover stories about AVG and Avast browser extensions, the Magento Marketplace hack, the private equity purchase of .org and a data leak affecting 1.2 billion people.

Maddy Osman Think Like a Hacker

2019.11.22

Episode 57: SEO Content Strategy and Lock Picking with Maddy Osman at WordCamp US

Maddy Osman is a SEO content strategist that has worked with a number of familiar brands in both WordPress and SaaS spaces. She spoke at WordCamp US and took some time to chat with us at the Wordfence sponsor booth. Maddy talks about how she got started in SEO content strategy after doing web design and development, and also what the entrepreneurial journey has been like for her.

Maddy also shows off some of her lock picking skills she picked up while hanging out at the Wordfence booth.

Open Movie Premiere in St. Louis

2019.11.20

Episode 56: WordCamp US, WordPress 5.3 and Chrome Blocking Mixed Content

In Episode 56, we review the premiere of Open, The Community Code, a film about the WordPress community that world premiered at Matt Mullenweg’s State of the Word Keynote at WordCamp US. Mark and Kathy talk about what it was like watching friends in the community see the film for the first time.

We also discuss recent updates to WordPress in version 5.3, especially some of the improvements to the new Gutenberg editor, accessibility, and site health. We also review Google Chrome’s plans to warn and block mixed content and how site owners can prepare now for these upcoming changes.

Yoast Think Like a Hacker Episode 55

2019.11.14

Episode 55: Yoast’s Marieke van de Rakt & Michiel Heijmans at WordCamp US

At WordCamp US in Saint Louis, Mark sat down with Yoast CEO Marieke van de Rakt and COO Michiel Heijmans in the Wordfence booth to talk about not only how Yoast began, but also how they’ve grown to over 9 million active installations and the challenges of managing such a large user base. Marieke and Michiel also talk about the big changes coming in 2020 for the Yoast plugin as well as training and educational efforts via Yoast Academy.

Kathy Zant WordCamp US 2019

2019.11.08

Episode 54: The Hacker Mindset at WordCamp US

Kathy Zant gave a presentation about The Hacker Mindset at WordCamp US 2019 in St. Louis. Learning to think like a hacker in the security realm is a big part of keeping your assets safe, and there are additional benefits. Kathy illustrates how the hacker mindset is much more than protecting your site. Thinking like a hacker can also help you break through perceived limitations, overcome obstacles, and capitalize on opportunities to innovate.

WordCamp US 2019 Preview

2019.10.31

Episode 53: WordCamp US 2019 Preview from St. Louis

Mark and Kathy connect in person on Halloween in St. Louis to talk about what’s happening at WordCamp US. We review what’s new at WCUS, some of the more interesting sessions, and all of the fun activities Wordfence is bringing to North America’s largest WordCamp. Kathy and Mark also tear down the 4th wall to talk to award-winning Director Sean Korbitz, the creative force behind OPEN | The Community Code, the movie about the WordPress community that premieres Saturday, November 2.

Andrea Zoellner Think Like a Hacker Episode 52

2019.10.18

Episode 52: Innovating for Customer Success with Andrea Zoellner

Andrea Zoellner has been an active organizer of WordCamp Montreal and is the Chief Content Creator at hosting provider, SiteGround. Andrea focuses on supporting SiteGround customers in the North American and English-speaking market. With a background in journalism, Andrea found WordPress as the easiest way to get online and integrate with different services. She talked with us at WordCamp Sacramento about how she got involved with WordPress and the community and how her position at SiteGround puts her in a unique position to innovate through new tools and services for WordPress customers at SiteGround.

Think Like a Hacker Ep 51

2019.10.16

Episode 51: WeWork’s Financial Woes Spark Meetup RSVP Fees and the WordPress 5.2.4 Security Release

This week, we cover WeWork’s failed IPO and financial woes and how this likely led to Meetup’s introduction of an RSVP fee. We discuss why this decision doesn’t bode well for WeWork’s future. We also look at the WordPress 5.2.4 security release and what fixes are included. We discuss the planned release of PHP 7.4 on November 28 and how WordPress core is preparing for this update. We also get a little excited about our plans for WordCamp US November 1-2 and our party to celebrate the worldwide premiere of the open source film about the WordPress community: Open, The Community Code.

Jennifer Bourn Think Like a Hacker Episode 50

2019.10.10

Episode 50: Empowering WordPress Users Through Education with Jennifer Bourn

Jennifer Bourn has been a leader in the WordPress community for years, helping WordPress users of all experience levels get the most out of the platform. She has also created beautiful websites for recognizable brands through her design company, Bourn Creative. At WordCamp Sacramento, we talked about how the WordPress community has opened new experiences for her entire family, her new ventures in training including Content Camp and the Profitable Project Plan, the Bourn family goal of visiting all national parks as well as the future of WordPress.

Lindsey Miller Think Like a Hacker Episode 49

2019.10.03

Episode 49: Building Business Through Community with Lindsey Miller

At WordCamp Minneapolis, our Lead Customer Service Engineer Tim Cantrell chats with Lindsey Miller about her work as Partner Marketing Manager at LiquidWeb. Tim and Lindsey also talk about the challenges of being a remote worker, and how the connections in the WordPress community can help individuals make connections that grow a business. Lindsey also turns the tables and interviews Tim, asking how he got involved in WordPress and came to be the lead customer service engineer at Wordfence.

Think Like a Hacker Episode 48

2019.10.01

Podcast Episode 48: Salesforce Ventures Invests $300 Million in Automattic

Salesforce Ventures invested $300 million into Automattic at a $3 billion valuation. We discuss what this might mean for Automattic, the WordPress community, and the WordPress ecosystem by analyzing the roots of Salesforce and the opportunities it brings to WordPress. We also talk about features and fixes coming in November to WordPress 5.3 especially within the block editor and site health check. We also look at the DoorDash breach affecting nearly 5 million users.

Think Like a Hacker Episode 47

2019.09.26

Episode 47: Staying Secure through Community Cooperation with GiveWP’s Matt Cromwell

At WordCamp Sacramento, Matt Cromwell from GiveWP talked with us about how Give began, their mission of democratizing generosity, and how they handled the vulnerability disclosure from the Wordfence team. When our security researchers reached out to provide a proof of concept, the Give and Wordfence teams worked together to ensure that the vulnerability was patched in the safest way possible. Matt also tells us how he got involved with WordPress and how he gives back to the community through the Advanced WordPress Facebook group with over 30,000 members.

Think Like a Hacker Ep 46

2019.09.25

Episode 46: Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild

We chat with Mikey Veenstra to talk about the Wordfence Threat Intelligence team’s work tracking a series of active attacks on an unpatched vulnerability in the Rich Reviews plugin for WordPress. With an estimated 16,000 installations, attackers are targeting unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS) payloads. Mikey explains how this works and what users of Rich Reviews can do to protect themselves. Podcast recorded September 24, 2019.

Zach Stepek

2019.09.20

Episode 45: Securing and Scaling eCommerce with Zach Stepek

This week, our lead customer service engineer Tim Cantrell interviews Zach Stepek, CEO of MindSize, a digital agency focused on helping customers scale and succeed with eCommerce. Zach talks about how he got started with WordPress and WooCommerce, new features in JetPack that add functionality to WooCommerce, and how critical security is to site owners no matter what platform they use to sell goods and services online.