The DDoS and the Damage Done

“With this notification we would like to inform you that our in-house Website Performance Monitoring System (WPMS) has signaled that your account constantly uses a large amount of the server’s CPU resources. These excessive requests consume an abnormally high amount of CPU resources and endanger the overall performance of the server. Your account consumes more than…

Your blog has been hacked. Actually, maybe not. The Pingback Exploit.

This morning I got an email from a person named Sam Bowne with the ominous subject line “Your blog has been hacked”. The email read as follows: I am Sam Bowne, an Instructor in Computer Networking and Information Technology at City College San Francisco. Your blog has been hacked, and is being used to attack other…

Brute force attacks call for an end to the default “admin” WordPress user

UPDATE: Chris Rudzki filed ticket #24078 in Trac on April 13th to get the suggested username removed. There is some contention in the comments but overall it looks like this may be implemented. UPDATE #2: Just published an extensive post on the lynda.com blog with security tips and what to do if your site falls…

Internet Explorer Alert – Critical Product Vulnerability

This just dumped into my inbox. Since so many people use Internet Explorer 6 or 7 and it talks about a very bad security issue, I thought it important enough to warrant a repost (for the full details visit http://www.microsoft.com/technet/security/bulletin/MS08-078.mspx). Basically the bulletin says that if you have automatic updates turned on, your computer will…