Posted on October 9, 2015 - 11:04pm [+0700]July 29, 2018 - 5:40pm [+0700]
Phishing

Critical vulnerability in Swift Security Hide WordPress Firewall plugin leads to phishing attack.

This is a very interesting spear phishing attack case that we had to deal with this week. Spear phishing are attempts directed at a specific individual,…

Posted on April 9, 2015 - 9:54pm [+0700]May 3, 2019 - 8:00pm [+0700]
Security

Jetpack Protect: IP spoofing and improper data validation allow security feature bypass.

Since version 3.4, the popular Jetpack by WordPress.com plugin (15+ million downloads / 1+ million active installs) includes Jetpack Protect, a module “to protect your Jetpack-connected…

Posted on September 19, 2014 - 6:31pm [+0700]May 3, 2019 - 8:09pm [+0700]
Brute-force attack

Many popular WordPress security plugins vulnerable to IP spoofing.

A WordPress user who was facing a small brute-force attack asked us for help. He was using a popular security plugin but, this time, his plugin…