US-CERT has issued an alert regarding the ongoing massive brute-force attacks against WordPress sites, warning users and administrators to keep their installation always updated and to change the username and password for their WordPress accounts - especially if they kept the default "admin" username and use an easy-to-guess, commonly-used password.
WordPress users can finally secure their account(s) with two step authentication.
WordPress 3.5.1, now available for download, is a maintenance and security release for all previous versions that fixes 37 bugs.
Author: Olly Connelly Pages: 408 Publisher: Packt Publishing ISBN: 1849512108 Back in 2004, the company behind the then-popular blogging platform Movable Type shot themselves in the foot by changing the license, prompting the majority of top users to select an alternative platform.
Joomla and WordPress sites' administrators should consider updating to the latest version of their respective content management system as soon as possible since, according to reports, malware peddlers are bent on compromising them with "some tool that's basically firing a bunch of Joomla and Wordpress exploits at a given server and hoping something hits." The compromised websites are then embedded with an iFrame that first directs users to a traffic distribution system, and then to a page hosting an exploit kit.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.