[aklug] Re: SANS info - Wordpress Breach

From: Jim Gribbin <jimgribbin@gmail.com>
Date: Sat Apr 16 2011 - 16:39:40 AKDT

I hadn't heard about the Baracudda breach, but they aren't doing a very
good job of keeping the Wordpress hack under wraps. That was posted on
Slashdot a couple of days ago.

Jim G

On Sat, 2011-04-16 at 08:34 -0800, barsalou wrote:
> As a condition of use, they have asked us not to re-post this on a =20
> website, but it can be passed along via e-mail. Sign up here:
>
> https://portal.sans.org/login.php?yatf
>
> Passed conversation implies that some of us in AKLUG use this =20
> personally or know about installations.
>
>
> --WordPress Servers Breached
> (April 13 & 14, 2011)
> Attackers may have accessed source code from servers that support the
> WordPress blogging platform, according to WordPress parent company
> Automattic. The intruders gained access to code belonging to WordPress
> and some of its partners. WordPress said it had experienced "a
> low-level (root) break-in to several ... servers," and that it is
> reviewing logs and records to determine how much information was
> compromised. This is not the first time WordPress has come under
> attack; earlier this year, it was the target of a denial-of-service
> attack that prevented users from publishing content.
> http://www.computerworld.com/s/article/9215809/Hackers_gain_root_access_to_W=
> ordpress_servers?taxonomyId=3D17
> http://www.darkreading.com/security-monitoring/167901086/security/attacks-br=
> eaches/229401553/wordpress-reports-multiserver-breach.html
> http://www.theregister.co.uk/2011/04/13/wordpress_hack_attack/
> http://en.blog.wordpress.com/2011/04/13/security/
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Sat Apr 16 16:39:51 2011

This archive was generated by hypermail 2.1.8 : Sat Apr 16 2011 - 16:39:51 AKDT