Archive for January, 2009
Are Political Blogs More Likely to Get Hacked?
A website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own. – wikipedia
Web site defacements stretch back to the birth of the Internet and continue [...]
Old WP-Forum Vulnerability Gets Disclosed
A vulnerability in Fredrik Fahlstad’s WP-Forum Plugin has been made public on milw0rm. The exploit appears to affect an older version (1.7.8) of the popular WordPress plugin.
The plugin’s homepage is already on version 2.2. This means this vulnerability was probably discovered shortly after the initial version 1.7.4 vulnerability reported by BlogSecurity in early 2008.
As [...]
Twitter gets hacked with poor passwords
Last week Wired reported Twitter users falling prey to a password brute force attack. Yes, you read correctly, a password brute force attack.
Wired:
An 18-year-old hacker with a history of celebrity pranks has admitted to Monday’s hijacking of multiple high-profile Twitter accounts, including President-Elect Barack Obama’s, and the official feed for Fox News.
The hacker, who goes [...]
DNS dot DDoS Attack targeting the Internet
I was running tcpdump earlier this week when I noticed some odd queries to BlogSecurity’s DNS servers:
$ sudo tcpdump port 53
10:35:29.560870 IP 69.50.142.110.50928 > blogsecurity.domain: 43135+ NS? . (17)
10:35:29.561302 IP blogsecurity.domain > 69.50.142.110.50928: 43135- 13/0/14 NS C.ROOT-SERVERS.NET.,[|domain]
10:35:31.037729 IP 76.9.16.171.10435 > blogsecurity.domain: 58781+ NS? . (17)
10:35:31.038201 IP blogsecurity.domain > 76.9.16.171.10435: 58781- [...]
Server updates currently underway
Please note we are currently doing admin work on the server and DNS records. If you are unable to access the site at one point or another, please try again later.
Thanks,
BlogSec Team



