Two Weeks of Monitoring ProxyNotShell (CVE-2022-41040 & CVE-2022-41082)...
The Wordfence Threat Intelligence team has been monitoring exploit attempts targeting two zero-day vulnerabilities in Microsoft Exchange Server tracked as CVE-2022-41040 and CVE-2022-41082,...
View ArticleWhat Does The Fox Hack? Breaking Down the Anonymous Fox F-Automatical Script
While performing routine security research, one of our threat analysts discovered the latest version of a Command and Control (C2) script, which is referred to as F-Automatical within the script’s code...
View ArticleNot Just for the Government: Using the NIST Framework to Secure WordPress
When setting up a WordPress website, it is easy to focus on the look and feel of the website, while overlooking the important aspect of security. This makes sense, because the security of a website is...
View ArticleConfiguration Probing: Your Backups Might Be Your Greatest Weakness
Configuration files exist to make life easier for developers and website operators. In a world without configuration files, every instance of code that depended on a database connection could...
View ArticleSpikes in Attacks Serve as a Reminder to Update Plugins
The Wordfence Threat Intelligence team continually monitors trends in the attack data we collect. Occasionally an unusual trend will arise from this data, and we have spotted one such trend standing...
View ArticleExploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata
In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would be provided by the server. Of course, this is not a...
View ArticleHoliday Attack Spikes Target Ancient Vulnerabilities and Hidden Webshells
Winter brings a number of holidays in a short period of time, and many organizations shut down or run a skeleton crew for a week or more at the end of the year and beginning of the new year. This makes...
View ArticlePSA: Your Site Isn’t Hacked By This Bitcoin Scam, Keep the Money
On January 19th, 2023, a member of the Wordfence Threat Intelligence team received an email from their personal blog, claiming the site had been hacked, and we received two reports from Wordfence users...
View ArticleThe WordPress Ecosystem is Becoming More Secure with Responsible Disclosure...
The Wordfence 2022 State of WordPress Security Report was released on January 24th, 2023. One area that we reviewed in this report were the vulnerabilities disclosed in 2022. Keeping in mind that some...
View ArticlePSA: Intentionally Leaving Backdoors in Your Code Can Lead to Fines and Jail...
In the cybersecurity field, we talk a lot about threat actors and vulnerable code, but what doesn’t get discussed enough is intentional vulnerabilities and becoming your own threat actor. Even when...
View Article
More Pages to Explore .....