security: prevedvsem123.cn eats Wordpress sites for lunch - 10/20/08 01:56 PM
The domain name was created 18 days ago and is said to be owned by someone named MichellGregory.   The IP address says the server may reside somewhere in the Ukraine.   The contact information for the site lists Michell as somewhere in the 2767729 zip code with a phone number of 1-387-900 fax: 1-387-900.    I tried calling but couldn't get through.  Hmmm.  Maybe I'll drop him a letter in the mail.
I would like to talk to Michell.   I would even pay for lunch just to find out how he might be connected to a recent attack on a number of websites, … (2 comments)

security: New Security Alert in Joomla - 08/13/08 12:19 AM
People often get all freaked out when they hear about security flaws in content management systems like Joomla. This is the nature of the beast. You shouldn't be worried if your CMS-based website has security holes as much as if the developers are fixing them quickly. In this case, it was fixed on the same day it was reported.
If you are running a Joomla site, I've posted the alert details here.
Likely you're not running a Joomla website, maybe you run Wordpress or something custom, this is still an opportunity for me to remind you that ALL database driven software … (0 comments)

security: Little Weasels You Want To Choke - 08/04/08 12:24 AM
Years ago, hacker implied "very smart person" but today it's often "smart person you want to choke."
Over the last few days I've spent many hours cleaning up the mess left behind by some guy that "wanted the challenge" of erasing some useful data, then replacing it with his own.
His method of attack: Stealing/sniffing admin passwords.
What a little weasel.
Open source software like WordPress, Joomla and thousands of others all have one thing in common: They have a screen where you enter an ID and password to control your site.  If weasels get hold of your login info, you … (13 comments)