Reuters hack was due to old WordPress version
Posted on 07 August 2012.
While the individuals responsible for the recent hijacking of Reuters' blogging platform and one of its Twitter accounts are still unknown, it has emerged that the attackers likely managed to hack the former because Reuters still used an older version of WordPress.

Mark Jaquith, a lead developer of the WordPress core and a member of the Wordpress security team, has shared with the WSJ that instead of the current version (3.4.1) Reuters was using version 3.1.1 of the popular blogging software - an iteration with a number of publicly known security issues.

"If organizations ignore (update) notifications and stay on an outdated version, then they put themselves at risk of these sorts of breaches, he commented.

I can't help but noticing that this case and the one of the recent Gizmodo Twitter account hack should teach us all number of valuable lessons. Yes, the attackers are mostly to blame, but in Reuters' case, someone from the company should have been on top of keeping the software updated.

In Gizmodo's, someone should have dissociated the tech blog's Twitter account from that of Mat Honan once he was no longer writing for the site.

And in Honan's case, he should have used added security where it was available, backed up his work computer occasionally, and not tied several of his most important accounts together.

We should demand good security of our providers, but never forget that we should also do what is in our power to keep ourselves secure.






Spotlight

Emerging cloud threats and how to address them

Posted on 15 September 2014.  |  Public and community clouds can be appealing targets for hackers looking to disrupt or steal information from scores of organizations with one successful strike. Here are some emerging security threats and issues cloud providers and their clients should be aware of.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 16th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //