Category Archives: Security

UPDATE: Has ZDnet Been Hacked As Well?

Update: 4.7.08 @ 2115h: Looks like ZDNet was hit, as per John’s comment below, via an xml-rpc hack, and no — they aren’t running an old version of WP either, which makes one wonder how vulnerable the newer versions of Wordpress are.
Just to recap: earlier, I documented how Tailrank’s “spam” was accidentally documenting some massive [...]

Comments (24)

How’s Your Wp-Content/Plugins Folder Doing? Secure? Are You Sure?

I’m embarassed to say that I actually knew this tip a while ago, but never got around to implementing it until I read about it *again* today.  Embarassed because this blog has been hacked a few times, and in a fairly devious fashion as well, sometimes perhaps because of an old Wordpress installation — or, [...]

Comments (14)

Facebook Hacked! (Or Rather, The Door Was Left Unlocked)

Update 0030h: Well, that was quick. Brandy Baker of Facebook has left a comment which explains the leak. It turns out that it was the result of “single bug on a server” that exposed the code to a “small number of users” that was fixed “immediately”. Which is a fine enough explanation, [...]

Comments (25)