General Security Archives - Page 11 of 14

Hacking 27% of the Web via WordPress Auto-Update

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community.

Surviving Electmageddon: Protecting against a wave of DNS outages

Update: Our own migration to multiple redundant DNS providers was completed at 10am Pacific time this morning, Friday November 4th.

DynDNS is currently being DDoS’d – May affect your site

[1:28pm Pacific / 4:28pm EST Update: According to Time Magazine Deputy Tech Editor Alex Fitzpatrick, there is now a third DDoS attack underway targeting Dyn – this from 7 minutes ago.

Revslider, MailPoet, GravityForms Exploits Bypass Cloudflare WAF

Update: We have received reports from a plugin vendor that there may be some confusion about whether or not the plugins referred to in this post are still vulnerable.

Endpoint vs Cloud Security: The Cloud WAF User Identity Problem

Imagine you’re a security guard at the entrance to a high security facility.

Endpoint vs Cloud Security: The Cloud WAF Bypass Problem

Earlier this year at Black Hat 2016 there was a lot of buzz around “endpoint security”.

Interview with Security Researcher Pan Vagenas

At Wordfence I’m really proud of the team we have. Our team are all amazing people who work hard every day to help secure WordPress websites.

Hacking a WordPress Botnet

While analyzing some of the attacks we see on the Wordfence Web Application Firewall, we discovered code that an attacker was trying to upload that was part of a botnet.

We will always put our customers and community first

On Tuesday we published a blog post about the 404 to 301 plugin inserting ad links into page content that only search engines could see.

An Interview with a Wordfence Senior Security Analyst

Colette Chamberland is one of our two Senior Security Analysts who mentor and guide the rest of our team of analysts.

Wordfence Research and News