When setting up a WordPress website, it is easy to focus on the look and feel of the website, while overlooking the important aspect of security. This makes sense, because the security of a website is largely invisible until something…
A Russian hacktivist group calling itself “The People’s Cyberarmy” called on its members to target the American Democratic party website at https://democrats.org with DDOS (Distributed Denial of Service) attacks this morning, November 8th, 2022, which is Election Day in the…
While performing routine security research, one of our threat analysts discovered the latest version of a Command and Control (C2) script, which is referred to as F-Automatical within the script’s code and was commonly known as FoxAuto in older versions.…
The Wordfence Threat Intelligence team has been monitoring exploit attempts targeting two zero-day vulnerabilities in Microsoft Exchange Server tracked as CVE-2022-41040 and CVE-2022-41082, collectively known as ProxyNotShell. These vulnerabilities are actively being exploited in the wild. At the time of…
October is National Cyber Security Awareness Month in the U.S., and this year’s theme is “See Yourself in Cyber.” What is really being said by this theme is that we all have a role to play in cyber security, whether…
Vulnerabilities are a fact of life for anyone managing a website, even when using a well-established content management system like WordPress. Not all vulnerabilities are equal, with some allowing access to sensitive data that would normally be hidden from public…
This morning the Wordfence team is launching Wordfence Intelligence live at Black Hat 2022 in Las Vegas. Our entire team is here in Las Vegas, including our international team members. I’d like to tell you more about what we’re launching…
Wordfence protects over 4 million websites around the world on 12,000 unique networks, and we block over 1.8 billion attacks targeting those websites every month. For years we have had a relationship with our customers that is a virtuous cycle:…