Sharing links on daily basis WordPress, startups, lifehacks

The .io Error – Taking Control of All .io Domains With a Targeted Registration

In a previous post we talked about taking over the .na, .co.ao, and .it.ao domain extensions with varying levels of DNS trickery. In that writeup we examined the threat model of compromising a top level domain (TLD) and what some…

Hacking 27% of the Web via WordPress Auto-Update

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community. In addition to this research, we regularly examine WordPress core and the related wordpress.org systems. Recently we…

An Attack Platform Infecting WordPress Sites

At Wordfence we frequently investigate hacked customer websites as part of an ongoing R&D effort to improve our core scanning engine. Examining hacked sites gives us data on how the attackers gained entry and provides us with visibility on the latest…

Copy-Paste from Website to Terminal

Goodbye, Android

NSA surveillance: how to stay secure

ducts from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source so

WordPress hacks and snippets to efficiently reduce spam

How Safe is Your Site? – How to Secure WordPress (Self Hosted blogs) Easily

Creative usernames and Spotify account hijacking

es the importance of validating user input. In this case we had to peel back quite a

evercookie – virtually irrevocable persistent cookies