01 Feb

Now-Secret Owner of Threatpost, Kaspersky Lab, Apparently Fired Editor For Retweet of Article About Owner’s Ties to Russian Intelligence

One of the big roadblocks we see to improving the security of WordPress websites (as well as website security and security more broadly) is the really poor state of security journalism. Among the many issues that have created that situation seems to be the ownership of security journalism outlets by security companies. Good security journalism would at this time consist of a lot of critical coverage of the poor state of the security industry (to put it lightly), and for various reasons that is less likely to happen when security journalists work for security companies or may be working for them in the future.

One such outlet is the Threatpost, which was until October 2017 publicly owned by the Russian security company Kaspersky Lab (here is its homepage on October 20, 2017 with the footer reading “The Kaspersky Lab Security News Service” and here it is on October 25, 2017 with that gone). Both before and after that happened, the Threatpost was promoted as “an independent news site”, despite that not seeming to be an accurate description.

12 Oct

How Is Security News Website Owned by a Security Company An “Independent News Site”?

A few weeks ago we mentioned that the security news website Threatpost still seemed like it might be owned by the security company Kaspersky Lab despite marketing itself as “an independent news site”. We happened to look back at how they described themselves back when they were open about being owned by Kaspersky Lab and found that they also promoted themselves that way then. Here is the first paragraph of their About page as of August of last year:

Threatpost, The Kaspersky Lab security news service, is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.

21 Sep

Threatpost Fails to Properly Vet Sources, Leading to Spreading Inaccurate Information about Vulnerability Created by Duplicator

On Monday we discussed how the security company Sucuri showed that they lack even a basic understanding of security through a post they had written about a vulnerability created by the WordPress plugin Duplicator, which they clearly didn’t understand. What we also noted is that while their lack of security knowledge isn’t some new development, it is something that doesn’t appear to be well known. Part of the reason for that is that security journalists don’t seem to be interested in doing actual journalism and instead often act as stenographers for terrible security companies, so instead of shedding light on the bad practices of Sucuri and other similar companies (there are lots of them), they are often promoting them. Shortly after we posted that, a Google alert notified us of an article by Threatpost discussing the vulnerability, which was sourced to none other than Sucuri. That article is titled “Old WordPress Plugin Being Exploited in RCE Attacks”.

What seems most problematic about the Threatpost’s article is this claim, which is repeated from Sucuri:

01 Sep

SiteLock, Kaspersky Lab, and Wordfence Mislead Public on Threat from Vulnerability in WordPress Plugin

Yesterday over at our main blog we noted how the web security company SiteLock and their web hosting partner 123 Reg, a GoDaddy brand, are making baseless claims as to the likelihood of websites being hacked to try to scare customers into purchasing SiteLock security services. In the meantime, they and others in the security industry were also taking a minor security vulnerability discovered by SiteLock in a WordPress plugin that is used with WooCommerce and using misleading information to make it sound like a much bigger threat.

To see what happened, let’s start with an article on the Threatpost, which is Kaspersky Lab’s news website. The article is titled Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin. Nowhere in the post is there anything to back up the claim that this plugin is all that popular; instead, the article makes a confusing mention of the claimed usage of WooCommerce: