Wordfence Research and News

Why Wordfence Supports Strong Encryption Without Backdoors

This morning global headlines are discussing Apple’s move to oppose a court order issued by the US government regarding breaking into it’s own iPhone.

6 Million Password Attacks in 16 Hours and How to Block Them

Last week in the President’s cyber security op-ed in the Wall Street Journal he implored Americans to move beyond simple passwords and to enable two factor authentication or cellphone sign-in.

3 Severe Plugin Vulnerabilities Fixed in the Last 24 Hours

The following three plugins contain severe vulnerabilities that have all been fixed within the past 24 hours.

WordPress 4.4.2 Security Release – Why you need to update immediately

It’s been a busy morning in WordPress security. Right after we released details of the attack platform we recently analyzed, WordPress released a security update in the form of 4.4.2.

An Attack Platform Infecting WordPress Sites

At Wordfence we frequently investigate hacked customer websites as part of an ongoing R&D effort to improve our core scanning engine.

WordPress Security January Roundup: Core XSS and 4 Plugin vulnerabilities

This has certainly been an eventful month in WordPress security. January 6th saw a WordPress core security update.

The 2015 WordPress Security Survey Results are out

To bring a close to 2015 we conducted a WordPress security survey.

Aethra Botnet Attacks WordPress Sites

Exec summary: There is currently a botnet that has been identified that is targeting WordPress websites with a password guessing attack.

Security Concepts: Half of all WordPress Plugin Vulnerabilities are XSS and Securing FTP

We had a lot of fun creating our WordPress Security Learning Center.

Announcing the WordPress Security Learning Center

Dear WordPress Community, Today we have something amazing to share with you.