28 Oct 2022

Wordfence’s Alarmism on Display With “Exploit Attempts”, Which Are Not Really Exploit Attempts

Last week we looked into a false claim made by WordPress security provider Wordfence that a plugin had contained a “critical” security vulnerability. In discussing that, we mentioned someone’s concern related to another situation about Wordfence issuing alarmist warnings:

This is demonstrably alarmist, and poor advice considering that they have conceded to several different people that it is not a critical issue. So of course this damages Wordfence’s reputation for me. How do I know that they are not issuing alarmist warnings about other issues? [Read more]

25 Apr 2019

Security Journalists Can’t Even Successfully Repeat the Same Inaccurate Figure Related To Exploited WordPress Plugin

Yesterday we discussed inaccurate information coming from Palo Alto’s Unit 42 team that was then spread by the security news outlet Threatpost related to the WordPress plugin Social Warfare. In looking around, we found that other security news outlets had also covered this and managed to put forward even more inaccurate information. Maybe that shouldn’t be surprising, since a journalist who did some due diligence should have come to the conclusion that the original information did not seem reliable, but it still speaks to the really poor state of security journalism that, even when presenting inaccurate information, they are unable to present it accurately.

In Threatpost’s article, they accurately reflected what Palo Alto’s Unit 42 team had claimed, that “most” of the 42,000 websites they claimed were using the plugin were vulnerable: [Read more]