Mark Maunder, Author at Wordfence

The December 2016 WordPress Attack Activity Report

This week we are introducing something new. At the beginning of each month we will be doing a monthly WordPress security report.

Election Hack Report FAQ: What You Need to Know

On Friday we published an analysis of the FBI and DHS Grizzly Steppe report.

US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

Update at 1am Pacific Time, Monday morning Jan 2nd: Please note that we have published a FAQ that accompanies this report.

WordPress Table Prefix: Changing It Does Nothing to Improve Security

There is an idea that was popularized a few years ago that if you change WordPress table prefix in your database, it helps protect your WordPress website from attackers.

Critical Vulnerability in PHPMailer. Affects WP Core.

A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski.

2016 for Wordfence: A Break-Through Year

2016 is drawing to a close and has been a very busy year for us at Wordfence.

Who is Really Behind the Ukrainian Brute Force Attacks?

Last Friday we published a report showing a significant increase in Brute Force Attacks.

Huge Increase in Brute Force Attacks in December and What to Do

Update: We posted a follow-up to this post on Monday December 19th which goes into more detail about the Ukraine IP block where these attacks originate from and we discuss possible Russia involvement.

5 Things to be Aware of When Buying WordPress Security

If you are new to WordPress or reevaluating your security strategy, you are overwhelmed by choice in today’s market.

Wordfence Blocks Username Harvesting via the New REST API in WP 4.7

WordPress 4.7 was released 6 days ago, on December 6th. It includes a REST API that will be used by many WordPress plugins, mobile apps, desktop applications, cloud services and even WordPress core in future.

Wordfence Research and News