Over the past four or five days, I’ve been seeing more and more reports of attacks on WordPress powered websites.

The Next Web reports:

Hosting providers around the world are seeing a massive increase in brute force attacks against WordPress and Joomla sites. Attackers are looking to gain access to and compromise accounts, but failing that, they are slowing down their targets or even rendering them unavailable as they exhaust the sites’ resources.

Sucuri, a security firm specializing in website malware, published findings from their logs that showed a sharp increase in the number of blocked attacks on websites – from 30 to 40 thousand a day to 77,000 average per day and up to 100,000 in recent days. Their logs also showed attempts to log into websites with usernames of admin, Admin, administrator, root, and test with passwords like 123456, admin, and password.

Matt Mullenweg, a founding developer of WordPress, had this to say:

Right now there’s a botnet going around all of the WordPresses it can find trying to login with the “admin” username and a bunch of common passwords, and it has turned into a news story (especially from companies that sell “solutions” to the problem).

Matt continues with recommendations on what to do now. He suggests changing the “admin” username, using a strong password, and making sure WordPress and all plugins are up to date.

What am I doing about all this you wonder! Well, I’ve already done it. Last night, a late night I might add, I changed every single WordPress website that High Aspirations, Inc. maintains or has in development to no longer use “admin” as the administrator account. I also changed all the passwords to a ridiculous combination of upper and lower case letters, numbers, and symbols. All clients will be emailed with the new account information later today.

My next step will be to update WordPress and any plugins. I’m pretty sure all websites are already runing the latest version of WordPress, but I know there have been some plugins updated recently. As you know, we do this on a regular basis for all clients on maintenance. It is now a priority job and will be completed as soon as possible.

If your website isn’t on maintenance and you would like us to take care of changing the administrator account, updating the password, and updating the site’s software, please do not hesitate to contact us.

If you’d like to read more about the brute force attacks and the botnet currently running wild on WordPress websites, please check out the following articles, the first three of which are referenced in this post:

• Check your security settings: Brute force attacks against WordPress and Joomla sites have tripled at The Next Web
• Mass WordPress Brute Force Attacks? – Myth or Reality at Sucuri
• Passwords and Brute Force by Matt Mullenweg
• Brute Force Attacks and Their Consequences at Sucuri

Tags: hacking, WordPress

Spotted this avast! antivirus blog post on Facebook a couple of days ago. The post itself dates back to December 2012, but since this was the first time I’d seen anything about a copyright protection system targeting those who visit illegal file-sharing websites, I figured I’d share.

Author, Deborah Salmi, says:

The oft-delayed Copyright Alerts System, or "Six Strikes" anti-piracy scheme, is slated to be implemented sometime in early 2013. The six-strikes-and-you’re-out plan employs an alert system through which subscribers of five major Internet Service Providers (ISPs) in the United States will be warned that they are breaking the law. That includes illegal peer-to-peer file-sharing of movies, music and other entertainment content.

Who are the five ISPs you wonder? Based on the logos on display in the blog post, they are Comcast, Verizon, AT&T, Time Warner Cable, and Cablevision.

Read the entire blog post at the avast! blog.

Visit the Center for Copyright Information (CCI) for more information on the Copyright Alert System (CAS).

The Center for Copyright Information has provided a video that shows how the Copyright Alert System will work:

Tags: copyright

Adobe has released the security updates for Adobe Reader and Acrobat as mentioned in my “Adobe to Patch Zero Day PDF Security Threat this Week” blog post.

These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of two vulnerabilities that are being exploited and recommends users update their software immediately.

The affected software versions are:

• Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh
• Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh
• Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh and Linux
• Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh
• Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh
• Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh

Read Adobe’s security bulletin for more information and instructions on updating your software.

Tags: Adobe, Adobe Acrobat, Adobe Reader, hacking, malware, pdf