Swift Insights
Increase In Malware Sightings on GoDaddy Managed Hosting
Today, March 15, 2022, The Wordfence Incident Response team alerted our Threat Intelligence team to an increase in infected websites hosted on GoDaddy’s Managed WordPress service, which includes MediaTemple, tsoHost, 123Reg, Domain Factory, Heart Internet, and Host...
5 Search Engine Optimization (seo) Tips
It's amazing how many sites we take on that don't have even the basics of Search Engine Optimization applied. If you're hoping for business from the googles, its worth having at least the basics applied to help people find your website. Here's 5 SEO tips.Identify a...
WordPress 5.9.2 Security Update Fixes XSS and Prototype Pollution Vulnerabilities
Last night, just after 6pm Pacific time, on Thursday March 10, 2022, the WordPress core team released WordPress version 5.9.2, which contains security patches for a high-severity vulnerability as well as two medium-severity issues. The high-severity issue affects...
Credit Card Velocity Attacks
Credit Card Testing/Velocity Attacks: Ever Hear of These? They are when a "bad actor" purchases a product from your online store, and then tries to pay with a stolen, fake, or otherwise fraudulent credit card. Not just one credit card though, when the transaction...
We’re Now Blocking 10,000 Requests Per Hour in Ukraine From Known Malicious IPs
48 hours ago we deployed our commercial real-time threat intelligence automatically, and for free, to all Ukrainian websites with the .UA top-level domain. That has made over 8,000 sites in Ukraine using the free version of Wordfence significantly more secure. At...
Ukraine Universities Hacked By Brazilian Via Finland As Russian Invasion Started
The Wordfence team has identified a massive attack on Ukrainian universities that coincided with the invasion of Ukraine by Russia, and resulted in at least 30 compromised Ukrainian university websites. We have identified the threat actor behind the attack, who is...
Stored Cross-Site Scripting Vulnerability Patched in a WordPress Photo Gallery Plugin
On November 11, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Photoswipe Masonry Gallery”, a WordPress plugin that is installed on over 10,000 sites. This flaw makes it possible for an...
Entering a Higher State of Vigilance – Ukraine Under Attack
It appears that Russia has just commenced the invasion of Ukraine. Check your preferred international news outlet, but according to the Ukrainian foreign minister “Putin has just launched a full-scale invasion of Ukraine.” Ukrainian airspace is closed with flights...
Reflected XSS in Header Footer Code Manager
On February 15, 2022, the Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting (XSS) vulnerability in Header Footer Code Manager, a WordPress plugin with over 300,000 installations. The plugin publisher quickly acknowledged our...
Friday Fun: From Idea to Animated Film
It’s Friday, and I thought we’d have fun talking about something a little different. At Wordfence, one of my priorities is fostering a strong creative team and culture, and investing in creators. Emily Dalmas joined us as a full-time producer almost a year ago via her...