Was WordPress Compromised Again?
The service set up by WordPress to better support WordPress has failed users by suffering a security breach and behaving just like the rest of the internet.
WordPress, and its themes, are often shone with the dark light of the security vulnerability, but we do not hear of WP Engine often. Regardless of that, it seems to do good business and is reaching out to those that it does business with to tell them what went wrong and what they need to do about it.
A reasonable amount of threat mitigation is required, and if you are affected by the issue you are going to have to change your password – again, and probably keep a cautious eye on the comings and goings of your email and financial accounts.
“At WP Engine we are committed to providing robust security. We are writing today to let you know that we learned of an exposure involving some of our customers’ credentials. Out of an abundance of caution, we are proactively taking security measures across our entire customer base,” says the firm in an urgent missive on its web pages.
“We have begun an investigation, however there is immediate action we are taking. Additionally, there is action that requires your immediate attention.”
That action, is probably to panic in the short term, and then to change your password and cancel out any instances of its re-use across the internet. You know the drill, this is a daily thing right. Judging by the WordPress statement we are in the early days of internal investigation.
“While we have no evidence that the information was used inappropriately, as a precaution, we are invalidating the following five passwords associated with your WP Engine account,” explains WordPress as it reveals the sale of its – actually, your, problem. “This means you will need to reset each of them.”
Have fun with that.
Courtesy-TheInq
WordPress Attacked By Hackers
March 14, 2012 by admin
Filed under Around The Net
Comments Off on WordPress Attacked By Hackers
Security outfit Websense said that more than 200,000 infected pages that redirect users to websites displaying fake antivirus scans have been created. The latest compromises are part of a rogue antivirus distribution campaign that has been going on for months, the Websense researchers said.
Cybercriminals gangs have switched to drive-by download attacks that exploit vulnerabilities in outdated browser plug-ins to automatically download and install their rogue software. The large number of infected Web pages seen in this campaign is an indication that these scams still work. Vulnerable websites are a rich source of opportunity for cybercriminals. More than 85 percent of the compromised sites were located in the US, but their visitors were geographically dispersed.
Hackers Breach WordPress Servers
April 15, 2011 by admin
Filed under Around The Net
Comments Off on Hackers Breach WordPress Servers
Hackers have gained access to several servers that support WordPress and may have obtained source code, according to the founding developer of Automattic, the company behind the popular blogging platform.
Matt Mullenweg wrote on the WordPress blog that Automattic has been reviewing log records to determine how much information was breached and re-evaluating “avenues to gain access.”
“We presume our source code was exposed and copied,” Mullenweg wrote. “While much of our code is open source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited.”
Hackers Go After WordPress
March 6, 2011 by admin
Filed under Around The Net
Comments Off on Hackers Go After WordPress
The DDos hostilities began in the morning and lasted for a couple of hours. The estimates on the DDos attack was thought to be “multiple Gigabits per second and tens of millions of packets per second”, according to sources, WordPress is working with their providers to prevent such acts from ever taking place again.WordPress the attack is over, though in Chicago, Dallas and San Antonio. The good news is that the site is back up. However, while the attack was in progress sources say it was on of the “largest” the organization has ever seen. Even centersThe attack unfortunately hit main three data. Read More…..