GoDaddy did bad.

Alerts from Wordfence and a press release from GoDaddy informed me of what I already knew. Security flaws let the bad guys in to get the data goods from their website hosting clients. Login credentials were compromised to install malware on some websites and enough proprietary data was stolen to send a ton of fake…

WordPress 5.0: How and When to Update

WordPress 5.0 is being released tomorrow, December 6th. This release contains a major change to the WordPress editor. The new editor, code-named Gutenberg, is a substantial leap forward in functionality. It uses a new block-based system for editing which allows you to embed a wide range of content in your posts and pages, and gives…

Botnet of Infected WordPress Sites Attacking WordPress Sites

The Defiant Threat Intelligence team recently began tracking the behavior of an organized brute force attack campaign against WordPress sites. This campaign has created a botnet of infected WordPress websites to perform its attacks, which attempt XML-RPC authentication to other WordPress sites in order to access privileged accounts. Between Wordfence’s brute force protection and the premium real-time…