Wordfence Research and News

Category: General Security

The December 2016 WordPress Attack Activity Report

This week we are introducing something new. At the beginning of each month we will publish a WordPress security report.

Election Hack Report FAQ: What You Need to Know

On Friday we published an analysis of the FBI and DHS Grizzly Steppe report.

US Govt Data Shows Russia Used Outdated Ukrainian PHP Malware

Update at 1am Pacific Time, Monday morning Jan 2nd: Please note that we have published a FAQ that accompanies this report.

Critical Vulnerability in PHPMailer. Affects WP Core.

A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski.

Who is Really Behind the Ukrainian Brute Force Attacks?

Last Friday we published a report showing a significant increase in Brute Force Attacks.

Huge Increase in Brute Force Attacks in December and What to Do

Update: We posted a follow-up to this post on Monday, December 19th, which goes into more detail about the Ukraine IP block where these attacks originate and discusses possible Russia involvement.

5 Things to be Aware of When Buying WordPress Security

If you are new to WordPress or reevaluating your security strategy, you are overwhelmed by choice in today’s market. 

Gravatar Advisory: How to Protect Your Email Address and Identity

Update: We’ve added comments at the end of the post pointing out that the National Institute of Standards and Technology (NIST) considers an email address to be personally identifiable information or PII.

Avoid Malware Scanners That Use Insecure Hashing

In this post I’m going to discuss a major problem that exists with several WordPress malware scanners: The use of weak hashing algorithms for good and bad file identification. 

Emergency Bulletin: Firefox 0 day in the wild. What to do.

Update at 2:32pm PST / 5:32pm EST: Firefox released a fix for this a few minutes ago.