This site uses cookies in accordance with our Privacy Policy.
Wordfence Research and News
Category: General Security
Why Wordfence Supports Strong Encryption Without Backdoors
This morning global headlines are discussing Apple’s move to oppose a court order issued by the US government regarding breaking into it’s own iPhone.
6 Million Password Attacks in 16 Hours and How to Block Them
Last week in the President’s cyber security op-ed in the Wall Street Journal he implored Americans to move beyond simple passwords and to enable two factor authentication or cellphone sign-in.
An Attack Platform Infecting WordPress Sites
At Wordfence we frequently investigate hacked customer websites as part of an ongoing R&D effort to improve our core scanning engine.
Aethra Botnet Attacks WordPress Sites
Exec summary: There is currently a botnet that has been identified that is targeting WordPress websites with a password guessing attack.
Announcing the WordPress Security Learning Center
Dear WordPress Community, Today we have something amazing to share with you.
WPEngine Credentials Exposed
Update 1 (3:10pm CST on Dec 10th): WPEngine is working with federal law enforcement as part of their investigation into the breach.
Exodus to Euroland: Early Effects of the EU Safe Harbor Collapse
On October 14th we wrote about the European Court of Justice declaring the Safe Harbor provision that allowed transfer of personally identifiable data (PII) between Europe and the USA as invalid.
Brute Force Attacks, Presidential Candidates and Plugin Vulnerabilities
Early this week we are tracking an approximate doubling of brute force attacks (login guessing attacks) on WordPress sites.
Storing European User Data on USA Servers? Better read this…
Exec summary: If you are storing European visitor data on servers based in the USA (most busy WordPress sites are), you are exporting “personally identifiable information”, or PII, of users in Europe to the United States.
What to do about the POODLE SSL Vulnerability for Surfers, Admins and Devs
POODLE which stands for “Padding Oracle On Downgraded Legacy Encryption”, describes a security vulnerability in the SSL Version 3 cryptogram used by older Internet browsers.
Breaking WordPress Security Research in your inbox as it happens.
