Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
An ongoing brute-force attack on WordPress-based websites has compromised more than 90,000 blogs, but there are simple ways to make sure your blog won't be next to fall.
Gust MEES's insight:
Scoop.it!
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
===> Reinstall WordPress from scratch or revert to a known, safe backup. <===
Gust MEES's insight:
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
- Reinstall WordPress from scratch or revert to a known, safe backup.
Check also:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=WordPress
Gust MEES's curator insight,
April 13, 2013 9:20 AM
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
- Reinstall WordPress from scratch or revert to a known, safe backup. Check also: - http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=WordPress |
Scoop.it!
There is a lot of interesting discussion going on at the moment across the interwebs on the intention of the latest string of Brute Force attacks, much of which
That finding comes from Arbor Networks, which said that attackers had compromised numerous PHP Web applications, such as Joomla, as well as many WordPress sites, many of which were using an outdated version of the TimThumb plug-in. After compromising the sites, attackers then loaded toolkits onto the sites that turned them into DDoS attack launch pads. – Information Week Security
Gust MEES's insight:
That finding comes from Arbor Networks, which said that attackers had compromised numerous PHP Web applications, such as Joomla, as well as many WordPress sites, many of which were using an outdated version of the TimThumb plug-in. After compromising the sites, attackers then loaded toolkits onto the sites that turned them into DDoS attack launch pads. – Information Week Security A MUST read to understand the WHY and HOW!!!
Gust MEES's curator insight,
April 13, 2013 9:56 AM
That finding comes from Arbor Networks, which said that attackers had compromised numerous PHP Web applications, such as Joomla, as well as many WordPress sites, many of which were using an outdated version of the TimThumb plug-in. After compromising the sites, attackers then loaded toolkits onto the sites that turned them into DDoS attack launch pads. – Information Week Security
A MUST read to understand the WHY and HOW!!! |
Check also:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=Botnet