48 hours ago we deployed our commercial real-time threat intelligence automatically, and for free, to all Ukrainian websites with the .UA top-level domain. That has made over 8,000 sites in Ukraine using the free version of Wordfence significantly more secure. Continue reading We’re Now Blocking 10,000 Requests Per Hour in Ukraine From Known Malicious IPs
Note: This article has been updated to reflect that the hosting provider “Njalla”, which routed the malicious traffic involved in this attack, is based in Sweden, not in Finland, although IP geolocation data indicates that the specific server that the Continue reading Ukraine Universities Hacked As Russian Invasion Started
As a new WordPress administrator, you undoubtedly have a lot to think about and do. After all, WordPress websites are as fun and exciting as they are demanding. Even so, one thing that many new administrators do not think about Continue reading How to stay safe online as a new WordPress administrator
On November 11, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Photoswipe Masonry Gallery”, a WordPress plugin that is installed on over 10,000 sites. This flaw makes it possible for an Continue reading Stored Cross-Site Scripting Vulnerability Patched in a WordPress Photo Gallery Plugin
It appears that Russia has just commenced the invasion of Ukraine. Check your preferred international news outlet, but according to the Ukrainian foreign minister “Putin has just launched a full-scale invasion of Ukraine.” Ukrainian airspace is closed with flights diverting. Continue reading Entering a Higher State of Vigilance – Ukraine Under Attack
Most modern browsers support a variety of HTTP security headers to improve the security of your WordPress website, better protect your visitors from classes of browser attacks such as clickjacking, cross-site scripting, and other common attacks, and even improve your Continue reading Configuring HTTP security headers on WordPress
On February 15, 2022, the Wordfence Threat Intelligence team responsibly disclosed a reflected Cross-Site Scripting (XSS) vulnerability in Header Footer Code Manager, a WordPress plugin with over 300,000 installations. The plugin publisher quickly acknowledged our initial contact and we sent Continue reading Reflected XSS in Header Footer Code Manager
2021 was touted as the year in which everything returns back to normality. Alas, this was not to be, as the developments we were hoping for didn’t fully materialize. 2021, however, was a year of hope in which human ingenuity Continue reading 2021: A year in review
window[“a9f847a0_6bfc_4720_9e72_d821f0fdcb34”] = {“blockId”:”a9f847a0-6bfc-4720-9e72-d821f0fdcb34″,”className”:””,”isOpen”:true}; ShareTweetSharePostSharePin It!