01 Feb

Now-Secret Owner of Threatpost, Kasperky Lab, Apparently Fired Editor For Retweet of Article About Owner’s Ties to Russian Intelligence

One of the big roadblocks we see to improving the security of WordPress websites (as well website security and security more broadly) is the really poor state of security journalism. Among the many issues that have created that situation seems to be the ownership of security journalism outlets by security companies, seeing as good security [Read more]

02 Nov

With a Source Like This It is No Wonder Security Journalism Is Making WordPress Websites Less Secure

Recently an instance of security journalism received a significant spotlight and significant pushback. Bloomberg claimed that a malicious chip had been found in servers used by Apple and Amazon, which both Apple and Amazon categorically denied. Either there is a significant cover up or Bloomberg got things very wrong. The latter possibility wouldn’t surprise us [Read more]

12 Oct

How Is Security News Website Owned by a Security Company An “Independent News Site”?

A few weeks ago we were mentioning that the security news website Threatpost still seemed like it might be owned by the security company Kaspersky Lab despite marketing itself as being a  “an independent news site”. We happened look back at how they described themselves back when they were open about being owned by Kaspersky Lab [Read more]

21 Sep

Threatpost Fails to Properly Vet Sources, Leading to Spreading Inaccurate Information about Vulnerability Created by Duplicator

On Monday we discussed how the security company Sucuri showed that they lack an even basic understanding of security through a post they had written about a vulnerability created by the WordPress plugin Duplicator, which they clearly didn’t understand. What we also noted is that while their lack of security knowledge isn’t some new development, [Read more]

01 Sep

SiteLock, Kasperky Lab, and Wordfence Mislead Public on Threat from Vulnerability in WordPress Plugin

Yesterday over at our main blog we noted how the web security company SiteLock and their web hosting partner 123 Reg, a GoDaddy brand, are making baseless claims as to the likelihood of websites being hacked to try scare customers in to purchasing SiteLock security services. In the meantime they and others in the security [Read more]