28 Sep 2022

Kaspersky Looks to Have Shuttered the Threatpost, the Security News Outlet They Secretly Own

When it comes to trying to better understand the security risks that WordPress websites face, one big problem is that security companies and security journalists often spread inaccurate, and far too often outright false, information about those risks. In one recent example, news outlets were baselessly claiming, among other things, that hundreds of thousands of WordPress websites had been hacked.

One of the outlets that has been a frequent source of that inaccurate information is the Threatpost. That they would provide misinformation, while being a news outlet, isn’t all that surprising considering they were not even honest about who owned them. For years they hid that they were owned by the major Russian security company Kaspersky. Here is how the About page of their website currently reads:

26 Aug 2019

Wordfence Keeps Hiding That Other Security Companies Are Actually Doing the Work to Keep Ahead of Hackers

On multiple occasions the team behind the Wordfence Security plugin has failed to credit us when discussing vulnerabilities we discovered. It turns out we are not alone in that, and unfortunately journalists will cover them and not give any credit to other security companies that are actually doing the work to keep ahead of hackers (which is what Wordfence falsely markets its Wordfence Premium service as doing).

Here is part of an article from the Threatpost (which is itself secretly owned by a security company) from Friday that showed up in a Google alert we have:

5 Jul 2019

Sucuri, WPScan, and Others Incorrectly Claim Persistent XSS Vulnerability in WordPress Plugin with 500,000+ Installs Has Been Fixed

Two days ago the web security company Sucuri disclosed a vulnerability in the very popular WordPress plugin WP Statistics, which has 500,000+ active installations, and claimed it had been fixed. The post is fairly hard to follow and seems to mostly make a case that firewalls can introduce additional security risk, which is an odd argument for a provider of a firewall to make.

Considering Sucuri’s recent track record of getting basic details wrong when it comes to WordPress plugin vulnerabilities, including claiming that a vulnerability existed that didn’t and trashing a developer falsely, you can’t take their claims at face value. Their post makes it hard to follow what exactly the issue is, but more importantly it neither provides a proof of concept nor explains how the vulnerability was supposed to have been fixed, so without doing additional work it isn’t possible to confirm whether what they claimed is correct.

30 May 2019

Why Do Security Journalists Think That 47 WordPress Websites Being Exploited is Newsworthy?

We have a Google News alert set up to inform us of coverage of vulnerabilities in WordPress plugins, to help us make sure we can provide customers of our service the best information on vulnerabilities in WordPress plugins. Mostly, though, this just reminds us of how poor most security journalism is. Take something that came up today: security journalists covering 47 WordPress websites being hacked. No, that isn’t a typo; that really is something they are covering.

Help Net Security was fairly upfront about that, as near the lead of their story they stated this:

29 Apr 2019

Security Journalists’ Odd Treatment of Proofs of Concept for WordPress Plugin Vulnerabilities

We think that good security journalism could greatly help to improve the poor state of not just the security surrounding WordPress plugins, but security in general. Unfortunately, what we have found is that security journalists almost uniformly seem to do a very bad job. As a less serious example of that, recently we have seen odd responses from security journalists to us including proofs of concept with vulnerabilities we are disclosing.

Some of that seems like it could be originating with the security company behind the Wordfence Security plugin, Defiant, who make claims like this (while waiting until after vulnerabilities are widely exploited to warn people that they are using plugins likely to be exploited, which is too late):

24 Apr 2019

Threatpost Spreads Inaccurate Information on Exploited WordPress Plugin Vulnerability from Palo Alto’s Unit 42

We often incorrectly get referred to as security researchers, something we have never claimed to be. Considering the quality of a lot of security research, there might be good reason to avoid that title. One such example we just ran across also provides yet another example of the bad security journalism going on with WordPress plugin vulnerabilities. We thought we would write a quick post about it, since we took a few minutes to look into the claims and what we found seems worth noting.

Yesterday we were notified through a Google alert of a Threatpost story, “Exploits for Social Warfare WordPress Plugin Reach Critical Mass”, which seemed odd since the main vulnerability, which we discovered, was widely exploited a while ago, so critical mass has likely long since passed.

1 Feb 2019

Now-Secret Owner of Threatpost, Kaspersky Lab, Apparently Fired Editor For Retweet of Article About Owner’s Ties to Russian Intelligence

One of the big roadblocks we see to improving the security of WordPress websites (as well as website security and security more broadly) is the really poor state of security journalism. Among the many issues that have created that situation seems to be the ownership of security journalism outlets by security companies. Good security journalism would at this time consist of a lot of critical coverage of the poor state of the security industry (to put it lightly), and for various reasons that is less likely to happen when security journalists work for security companies or may be working for them in the future.

One such outlet is the Threatpost, which was until October 2017 publicly owned by the Russian security company Kaspersky Lab (here is the homepage on October 20, 2017 with the footer reading “The Kaspersky Lab Security News Service” and here it is on October 25, 2017 with that gone). Both before and after that happened the Threatpost was promoted as “an independent news site”, despite that not seeming to be an accurate description.

18 Jan 2019

Not Surprisingly WordPress Vulnerabilities Didn’t Triple in 2018

A week ago we wrote this:

A good rule of thumb, based on what we have seen over the years, is that stats on security are probably not accurate. So it isn’t surprising that when we looked into a claim by a company named Imperva that WordPress vulnerabilities tripled in 2018, it was a mess, but that hasn’t stopped security journalists from repeating the claim.

2 Nov 2018

With a Source Like This It is No Wonder Security Journalism Is Making WordPress Websites Less Secure

Recently an instance of security journalism received a significant spotlight and significant pushback. Bloomberg claimed that a malicious chip had been found in servers used by Apple and Amazon, which both Apple and Amazon categorically denied. Either there is a significant cover-up or Bloomberg got things very wrong. The latter possibility wouldn’t surprise us, since from what we have seen over the years security journalism is filled with inaccurate and outright false claims, much of that coming from people in the security industry who either don’t know what they are talking about or are intentionally spreading false information. Security journalists seem not to be interested in avoiding that.

Last week we discussed a situation where security journalists were spreading false information due in part to relying on a single source who didn’t really know what he was talking about. Since then, we had an interaction with that source that made it clear they are not a source that should be relied on alone (or maybe at all), as these journalists had done. That seems to be a good example of why security journalism is in such bad shape, which in turn is actually making WordPress websites (and websites in general) less secure.

12 Oct 2018

How Is a Security News Website Owned by a Security Company an “Independent News Site”?

A few weeks ago we mentioned that the security news website Threatpost still seemed like it might be owned by the security company Kaspersky Lab, despite marketing itself as “an independent news site”. We happened to look back at how they described themselves back when they were open about being owned by Kaspersky Lab and found that they also promoted themselves that way then. Here is the first paragraph of their About page as of August of last year:

Threatpost, The Kaspersky Lab security news service, is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.