Huge Worldwide WordPress Brute Force Attack

The rare Tuesday post, but this couldn’t wait.  If you are running a WordPress site, you need to know this.  This was just released by WordFence.

“Early this morning our team was woken up by systems alerts letting us know that we needed to scale up our attack logging capacity. The number of WordPress attacks we were monitoring per hour had exceeded anything we have seen before.

We rapidly scaled up our infrastructure and are now monitoring what appears to be the most aggressive distributed brute force attack in history, targeting WordPress websites. We are currently seeing over 14.1 million attacks per hour and rising.

We have published details on our blog including a possible explanation for this new attack campaign and what to do to protect yourself. We continue to monitor the situation.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.