Tag: Wordfence

Is your home router being used to attack WordPress sites?

Last week the good folks at Wordfence noticed something very interesting while compiling their monthly attack report. Algeria had raced from 60th place in their “Top Attacking Countries” list, to 24th place. That is obviously a huge jump in a very short time. Upon closer review, they realized that more than 10,000 IP addresses originating in Algeria were attacking WordPress…

More than 100,000 WordPress sites hacked via REST API zero-day

WordPress was updated on January 26th to patch three separate security vulnerabilities. At the time, the folks at WordPress advised that you should update immediately which is fairly normal (and recommended). What you may not know, is that a fourth vulnerability was kept private for several weeks. Why wasn’t it publicized? Security through obscurity. An unauthenticated privilege escalation vulnerability was found in a…

Mossack Fonseca Breach Caused by Outdated WordPress Plugin, Slider Revolution

Early this morning Wordfence released information from a security audit performed after the Mossack Fonseca breach that points to an outdated plugin on the firm’s WordPress site as the likely attack vector.   Mossack Fonseca had been running a horribly out of date version of the Slider Revolution plugin for WordPress, created by ThemePunch. They further detailed how the intruder may have then been able to move from WordPress to an…

BlueBorne vulnerability places billions of devices at risk via Bluetooth protocols... Would you like to know more?
+ +