Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign…

Spotlight: How a Digital Marketing Agency Secures Client Sites

Based in Melbourne, Australia for over 17 years, 24Digital knows what it takes to succeed in the ever-evolving digital marketing space which is no longer a world resting on desktop alone. The goal is to be an extension to every client’s marketing department, a true partnership to launch or rebuild effective websites – from WordPress…

In-Depth Analysis of a Criminal Organization Targeting WordPress Websites

Today we are posting an in-depth analysis of a prolific brute force attacker. We show that their motives are financial and are based on a wide-spread campaign to market counterfeit sports apparel websites. We describe the threat actor’s tactics, techniques and procedures. Finally, we follow a financial trail to uncover individuals who are behind the…