Posts by Pasha Kravtsov

A Look at the New WordPress Brute Force Amplification Attack

Published on by Pasha Kravtsov.

Recently, a new brute force attack method for WordPress instances was identified by Sucuri. This latest technique allows attackers to try a large number of WordPress username and password login combinations in a single HTTP request. The vulnerability can easily be abused by a simple script to try a significant