Think Like a Hacker with Wordfence show

Think Like a Hacker with Wordfence

Summary: Mark Maunder co-founded Wordfence in 2011 after his WordPress site was hacked and he learned how hard it was to clean and secure. Today the team has grown to over 35 members world-wide and Wordfence protects over 4 million WordPress sites. On the Think Like a Hacker podcast, we cover interesting topics related to WordPress, security and innovation. Episodes alternate between security news and interviews with innovators from WordPress and information security communities.

Join Now to Subscribe to this Podcast
  • Visit Website
  • RSS
  • Artist: Wordfence
  • Copyright: Copyright © 2019 Defiant, Inc. All rights reserved

Podcasts:

 Episode 51: WeWork's Financial Woes Spark Meetup RSVP Fees and the WordPress 5.2.4 Security Release | File Type: audio/mpeg | Duration: 47:50

We cover WeWork's failed IPO & financial woes and how this likely led to Meetup's introduction of an RSVP fee. We discuss why this doesn't bode well for WeWork's future. We also look at the WordPress 5.2.4 security release & what fixes are included. We discuss the release of PHP 7.4 & how WordPress core is preparing. We also get a little excited about our plans for WordCamp US & our party to celebrate the worldwide premiere of the open-source film about the WordPress community: Open, The Community Code.

 Episode 50: Empowering WordPress Users Through Education with Jennifer Bourn | File Type: audio/mpeg | Duration: 19:31

Jennifer Bourn has been a leader in the WordPress community for years, helping WordPress users of all experience levels get the most out of WordPress. She has created websites for recognizable brands through her design company, Bourn Creative. At WordCamp Sacramento, we talked about how the community has opened experiences for her entire family, her new ventures in training including Content Camp and the Profitable Project Plan, the Bourn family goal of visiting all national parks & the future of WordPress.

 Episode 49: Building Business Through Community with Lindsey Miller | File Type: audio/mpeg | Duration: 21:01

At WordCamp Minneapolis, our Lead Customer Service Engineer Tim Cantrell chats with Lindsey Miller about her work as Partner Marketing Manager at LiquidWeb. Tim and Lindsey also talk about the challenges of being a remote worker, and how the connections in the WordPress community can help individuals make connections that grow a business. Lindsey also turns the tables and interviews Tim, asking how he got involved in WordPress and came to be the lead customer service engineer at Wordfence.

 Episode 48: Salesforce Ventures invests $300 Million in Automattic | File Type: audio/mpeg | Duration: 28:15

Salesforce Ventures invested $300 million into Automattic at a $3 billion valuation. We discuss what this might mean for Automattic, the WordPress community, and the WordPress ecosystem by analyzing the roots of Salesforce and the opportunities it brings to WordPress. We also talk about features and fixes coming in November to WordPress 5.3 especially within the block editor and site health check. We also look at the DoorDash breach affecting nearly 5 million users.

 Episode 47: Staying Secure through Community Cooperation with GiveWP's Matt Cromwell | File Type: audio/mpeg | Duration: 30:28

At WordCamp Sacramento, Matt Cromwell from GiveWP talked with us about how Give began, democratizing generosity, & how they handled the vulnerability disclosure from our team. When our security researchers reached out, Give & Wordfence worked together to ensure that the vulnerability was patched in the safest way possible. Matt also tells us how he got involved with WordPress & how he gives back to the community through the Advanced WordPress Facebook group with over 30K members.

 Episode 46: Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild | File Type: audio/mpeg | Duration: 14:26

We chat with Mikey Veenstra to talk about the Wordfence Threat Intelligence team's work tracking a series of active attacks on an unpatched vulnerability in the Rich Reviews plugin for WordPress. With an estimated 16,000 installations, attackers are targeting unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS) payloads. Mikey explains how this works and what users of Rich Reviews can do to protect themselves. Podcast recorded September 24, 2019.

 Episode 45: Securing and Scaling eCommerce with Zach Stepek | File Type: audio/mpeg | Duration: 22:45

This week, our lead customer service engineer Tim Cantrell interviews Zach Stepek, CEO of MindSize, a digital agency focused on helping customers scale and succeed with eCommerce. Zach talks about how he got started with WordPress and WooCommerce, new features in JetPack that add functionality to WooCommerce, and how critical security is to site owners no matter what platform they use to sell goods and services online.

 Episode 44: Unpacking the WordPress 5.2.3 Security Release | File Type: audio/mpeg | Duration: 41:47

WordPress core version 5.2.3 was released on Sept. 4. This was a security release patching eight vulnerabilities in WordPress core, most of which were cross site scripting. In this episode of Think Like a Hacker, we walk through each of the patched elements of WordPress core and how these vulnerabilities could have been exploited. We also look at the SIM port attack on Jack Dorsey's Twitter account, and the lessons for all of us in using our cellphones and mobile devices for securing our online accounts.

 Episode 43: Wordfence Research on Malvertising Campaign Makes the News | File Type: audio/mpeg | Duration: 30:47

This week, we chat about WordPress 5.3 and some of the new features we will see added to WordPress in November, including improvements to the editor and a switch to meta tags for better control over search engine indexing. We also cover the latest developments with our threat intelligence team's research into an ongoing malvertising campaign targeting WordPress plugin vulnerabilities. This story received news coverage, and that coverage caused Wix to Tweet a cheeky dig at WordPress that fell flat.

 Episode 42: Building WordPress Websites that Convert with Bill Rice | File Type: audio/mpeg | Duration: 18:09

Bill Rice is the CEO of Kaleidico. We chatted at WordCamp Minneapolis about WordPress and the community, and his work creating websites that convert. Bill spoke at WordCamp Minneapolis about trends in WordPress website design that allow businesses to deeply engage with site visitors. Mobile browsing has changed the way users interact with the web on all devices, including desktop. In this episode, Bill tells us how this shift creates new opportunities to design compelling digital experiences.

 Episode 41: KidsCamp and the Next Generation of WordPress Users with Sandy Edwards | File Type: audio/mpeg | Duration: 22:51

As of WordCamp Boston 2019, Sandy Edwards has organized 26 KidsCamps across the US. We talk about what kids do at a WordPress KidsCamp, the success these kids have had publishing with WordPress, and how Sandy teaches basic internet safety and security to the next generation of WordPress users. Sandy is an organizer at WordCamp Orlando as well as a homeschooling mom, and runs a digital agency helping small businesses benefit from data-driven marketing.

 Episode 40: WordPress Considers Ditching Signed Core Updates | File Type: audio/mpeg | Duration: 24:02

WordPress core developers recently discussed removing support for code signing in WordPress core, included with the WordPress 5.2 release. The discussion suggested implementing SSL verification & hashes to verify code integrity instead. We chat about the history behind the vulnerability found by Wordfence's Matt Barry, which motivated the addition of code signing. We review several supply chain attacks, discussing how SSL & hashes wouldn't protect against a sophisticated attack on WordPress core servers.

 Episode 39: Headless eCommerce, Scaling for eCommerce Growth with Topher DeRosia | File Type: audio/mpeg | Duration: 32:50

Topher DeRosia is the Developer Evangelist for BigCommerce & a frequent WordCamp speaker. He's worked with WordPress for a long time & is the man behind HeroPress, telling the stories of transformed lives because of WordPress. HeroPress is now syndicated on WordPress.org/news. At WordCamp Boston, Topher and Kathy talked about everything WordPress from security to eCommerce, HeroPress, headless WordPress, headless eCommerce & how these new methods of distributing content & commerce will change publishing.

 Episode 38: Automattic Buys Tumblr from Verizon | File Type: audio/mpeg | Duration: 30:52

The Wall Street Journal reported on August 12 that Verizon is selling social media & blogging platform Tumblr to Automattic. Automattic CEO Matt Mullenweg answered questions on PostStatus, outlining plans to migrate off of Verizon, move Tumblr's backend to WordPress, and support the same APIs on both WordPress.com & Tumblr. Mullenweg noted that this is "by far the largest investment or acquisition Automattic has ever made." In this episode, we discuss the implications for Tumblr, WordPress, and Automattic.

 Episode 37: Vito Peleg Talks Breaking the Agency Glass Ceiling and Building a Product with Your Customers | File Type: audio/mpeg | Duration: 33:59

In this episode, Mark chats with Vito Peleg, the founder of WP Feedback, a plugin that helps WordPress-focused agencies streamline approval and support for their customers. Vito talks about the glass ceiling in agencies where managing people and projects begins to inhibit growth and profitability. He also shares some interesting thoughts on where pain points lie and how to move past them, as well as how to effectively leverage your own customers to inform product design.

Comments

Login or signup comment.