はてなブックマーク

Yesterday at Wordfence we had an “all welcome” technology sharing meeting with the entire company – or at least everyone that was available at the time. The meeting became so popular with our team that we had to upgrade the license we use for our real-time collaboration service to accommodate everyone. It is the largest team meeting we have had to date. The goal of the call was to have an informal

Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites Update on April 19th at noon Pacific time: Chrome has just released version 58.0.3029.81. We have confirmed that this resolves the issue and that our ‘epic.com’ test domain no longer shows as ‘epic.com’ and displays the raw punycode instead, which is ‘www.xn--e1awd7f.com’, making it clear that the domain is not ‘epic.com

WordPress Used as Command and Control Server in 2016 Election Hack On Friday evening the Department of Homeland Security released a report [PDF link] containing updated and broader analysis of Russian civilian and military intelligence organization’s attempts to interfere with the 2016 US election. This Wordfence report is an analysis of the new ‘Enhanced Grizzly Steppe Report’ and the data it inc

In this report we share data on the ongoing flood of WordPress REST-API exploits we are seeing in the wild. We include data on 20 different site defacement campaigns we are currently tracking. We show how attackers have switched to the REST-API exploit and how it has increased their success rates. We have also seen an evolution in the attack method targeting the REST-API exploit and have evolved o

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited Update on February 24th: Chrome has resolved this issue to my satisfaction. Earlier this month they released Chrome 56.0.2924 which changes the location bar behavior. If you now view a data URL, the location bar shows a “Not Secure” message which should help users realize that they should not trust forms presented to them via a

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community. In addition to this research, we regularly examine WordPress core and the related wordpress.org systems. Recently we discovered a major vulnerability that could have caused a mass compromise of the majority of WordPress sites. The vulnerability we de

Mossack Fonseca Breach – WordPress Revolution Slider Plugin Possible Cause Update: We have written a follow-up post on how an attacker may have moved laterally on the network from WordPress into the email server. Mossack Fonseca (MF), the Panamanian law firm at the center of the so called Panama Papers Breach may have been breached via a vulnerable version of Revolution Slider. The data breach has