Latest topics
» #Live - #LadyDragon #SarahSanders #PressConference
Today at 3:48 pm by LadyDragon

» More on Those Massive Waves - Slams into California, Oregon and Washington State Coastline
Today at 1:45 pm by PurpleSkyz

» #LIVE - #OUTNUMBERED + #LadyDragon #Flynn sentencing
Today at 1:38 pm by LadyDragon

» 5 CBD Myths That Are Just 100% Not True
Today at 1:25 pm by PurpleSkyz

» ET Propaganda and the Seventh Seal by Anna Von Reitz plus more
Today at 1:23 pm by PurpleSkyz

» Ursid Meteor Shower 2018 - Eyes On The Skies
Today at 1:21 pm by PurpleSkyz

» Argentina Creates Mandatory Vaccination Law For Passport, ID, Driver’s License, School & More
Today at 1:19 pm by PurpleSkyz

» A UFO The Size Of Planet Earth Seen Hovering Near Saturn
Today at 1:18 pm by PurpleSkyz

» NIBIRU News ~ Eclipsed:-oPlanet X Bodies Cloaked in the Sky plus MORE
Today at 1:17 pm by PurpleSkyz

» The Mystery Of King Tuts Dagger 'Now SOLVED' - Out of This World!!
Today at 1:15 pm by PurpleSkyz

» A Garden In The Afterlife - Woman struck by lightning tells her Near Death Experience
Today at 1:13 pm by PurpleSkyz

» 12 Keys to Access the Deeper Dimensions of Life
Today at 1:12 pm by PurpleSkyz

» Cancer Full Moon On December 22nd: Heightened Intuition
Today at 1:11 pm by PurpleSkyz

» Earthquakes in strange places: A magnitude 3.0 is the third quake to rattle eastern Tennessee in less than a week
Today at 1:10 pm by PurpleSkyz

» “The Envelopes”
Today at 1:09 pm by PurpleSkyz

» #QAnon Drama Theater: NO NAME FAKE FUNERAL??? MYSTERY FUNERAL NOTES!!! plus more
Today at 1:09 pm by PurpleSkyz

» UFO News - UFO Sighting In Taiwan of 6 UFO Crafts near Mountain plus MORE
Today at 1:08 pm by PurpleSkyz

» Anonymous. Your DNA is Weaponized. 12/11/18 [CC] A Message from "The Collective"
Today at 12:19 pm by Consciousness Of Economic

» Qanon - the NSA & Marvin the Martian - WTF? & Bart Simpson?
Today at 12:18 pm by Consciousness Of Economic

» Fed to Destroy Itself...ON PURPOSE? Trump to Lay Blame? Roota KNOWS!! (Bix Weir)
Today at 12:17 pm by Consciousness Of Economic

» It Has Begun...Mandatory Vaccinations for All ~ Argentina..Home to Jesuit Pope Francis
Today at 12:15 pm by Consciousness Of Economic

Today at 12:13 pm by Consciousness Of Economic

» RISE Of The ´Black-Eyed´ People
Today at 12:08 pm by Consciousness Of Economic

» This Was NEVER Public! They NEVER Showed This On TV! [Part 1] (2018 - 2019)
Today at 12:07 pm by Consciousness Of Economic

» Behavioral Genetics Robert Plomin
Today at 12:06 pm by Consciousness Of Economic

» DNA and Behavioral Genetics - Robert Plomin
Today at 12:02 pm by Consciousness Of Economic

» Vaccingate: Infanrix Hexa chemical composition
Today at 11:52 am by Consciousness Of Economic

» The battery that could make mass solar and wind power viable | Dispatch
Today at 11:50 am by Consciousness Of Economic

» Unlocking renewables: storage is the remedy for intermittency | Don Sadoway | HT Summit 2017
Today at 11:49 am by Consciousness Of Economic

» Volcano Anomaly, Electric News Bonanza
Today at 12:58 am by PurpleSkyz

» What’s Coming? What Do We Want?
Today at 12:44 am by PurpleSkyz

» Skara Brae | Neolithic Origins in Ancient Orkney 3180 BC
Today at 12:35 am by PurpleSkyz

» Linda Moulton Howe Brain Power
Today at 12:15 am by PurpleSkyz

» Yellow Vest Movement - Are We Heading Towards Real Systemic Change or Being Set Up?
Yesterday at 8:43 pm by MartyM

» Benjamin Fulford 12-17-18… “Secret head of world finance, Cardinal Pell, fired and big changes coming”
Yesterday at 8:34 pm by MartyM

» Elizabeth Wilcock - Dimensions of Disclosure - August 2018
Yesterday at 6:35 pm by PurpleSkyz

» Secret Societies: Building a New Earth (The New World Order)
Yesterday at 6:29 pm by PurpleSkyz

Yesterday at 3:45 pm by 4-truth




You are not connected. Please login or register

Out Of Mind » THE INSANITY OF REALITY » CABAL AGENDA & WORLD DOMINATION » All WP Bloggers’ Warning: Please Read or Lose Your Blog

All WP Bloggers’ Warning: Please Read or Lose Your Blog

Go down  Message [Page 1 of 1]


April 14, 2013

All WP Bloggers’ Warning: Please Read or Lose Your Blog

Change your PW right away to something “unguessable” by the
super-bots or you could be shut down in this massive initiative to
control the Internet.

“These requirements are fairly typical of a secure password: upper
and lowercase letters, at least eight characters long, and including
‘special’ characters (^%$#@*).”

Was Jean Haines’ blog a victim yesterday? She says it’s something she did, but perhaps not. Just be forewarned. She advised she is fine.

Any others, like Blogspot would probably be wise to protect themselves now, too.

WordPress Blog Attacks

from Drake

Security analysts have detected an ongoing attack that uses a huge
number of computers from across the Internet to commandeer servers that
run the WordPress blogging application.

The unknown people behind the highly distributed attack are using
more than 90,000 IP addresses to brute-force crack administrative
credentials of vulnerable WordPress systems, researchers from at least
three Web hosting services reported. At least one company warned that
the attackers may be in the process of building a “botnet” of infected
computers that’s vastly stronger and more destructive than those
available today. That’s because the servers have bandwidth connections
that are typically tens, hundreds, or even thousands of times faster
than botnets made of infected machines in homes and small businesses.

“These larger machines can cause much more damage in DDoS
[distributed denial-of-service] attacks because the servers have large
network connections and are capable of generating significant amounts of
traffic,” Matthew Prince, CEO of content delivery network CloudFlare,
wrote in a blog post describing the attacks.

It’s not the first time researchers have raised the specter of a
super botnet with potentially dire consequences for the Internet. In
October, they revealed that highly debilitating DDoS attacks on six of
the biggest US banks used compromised Web servers to
flood their targets with above-average amounts of Internet traffic. The
botnet came to be known as the itsoknoproblembro or Brobot, names that
came from a relatively new attack tool kit some of the infected machines
ran. If typical botnets used in DDoS attacks were the network
equivalent of tens of thousands of garden hoses trained on a target, the
Brobot machines were akin to hundreds of fire hoses. Despite their
smaller number, they were nonetheless able to inflict more damage
because of their bigger capacity.

There’s already evidence that some of the commandeered WordPress websites are being abused in a similar fashion. A blog post published
Friday by someone from Web host ResellerClub said the company’s systems
running that platform are also under an “ongoing and highly distributed
global attack.”

“To give you a little history, we recently heard from a major law
enforcement agency about a massive attack on US financial institutions
originating from our servers,” the blog post reported. “We did a
detailed analysis of the attack pattern and found out that most of the
attack was originating from [content management systems] (mostly
WordPress). Further analysis revealed that the admin accounts had been
compromised (in one form or the other) and malicious scripts were
uploaded into the directories.”

The blog post continued:

“Today, this attack is happening at a global level and WordPress
instances across hosting providers are being targeted. Since the attack
is highly distributed in nature (most of the IPs used are spoofed), it
is making it difficult for us to block all malicious data.”

According to CloudFlare’s Prince, the distributed attacks are
attempting to brute force the administrative portals of WordPress
servers, employing the username “admin” and 1,000 or so common
passwords. He said the attacks are coming from tens of thousands of
unique IP addresses, an assessment that squares with the finding of more than 90,000 IP addresses hitting WordPress machines hosted by HostGator.

“At this moment, we highly recommend you log into any WordPress
installation you have and change the password to something that meets
the security requirements specified on the WordPress website the
company’s Sean Valant wrote. “These requirements are fairly typical of a
secure password: upper and lowercase letters, at least eight characters
long, and including ‘special’ characters (^%$#@*).”

Operators of WordPress sites can take other measures too, including installing plugins such as this one and this one, which close some of the holes most frequently exploited in these types of attacks. Beyond that, operators can sign up for a free plan from CloudFlare that automatically blocks login attempts that bear the signature of the brute-force attack.

Already, HostGator has indicated that the strain of this mass attack
is causing huge strains on websites, which come to a crawl or go down
altogether. There are also indications that once a WordPress
installation is infected it’s equipped with a backdoor so that attackers
can maintain control even after the compromised administrative
credentials have been changed. In some respects, the WordPress attacks
resemble the mass compromise of machines running the Apache Web server,
which Ars chronicled 10 days ago.

With so much at stake, readers who run WordPress sites are strongly
advised to lock down their servers immediately. The effort may not only
protect the security of the individual site. It could help safeguard the
Internet as a whole.


Thanks to:


Back to top  Message [Page 1 of 1]

Permissions in this forum:
You cannot reply to topics in this forum