Archive for the 'Security' Category

SporTech Matter has been running great on the latest and greatest build of Wordpress. It appears anyone who has upgraded to 2.1.1 in the past week or so could be in danger of a security flaw inserted by a cracker. Matt informs us over on the Wordpress Blog

If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

So do you part and upgrade your Wordpress install and tell all your friends who are running 2.1.1 to upgrade immediately.

More info can be found here.


read user's comments (0)

Then send them to MiamiDolphins.com, Dolphinsstadium.com, and Proplayerstadium.com, they will get a nice little treat. Infoworld recently released a security bulletin notifiying internet users to stay away from the aformentioned sites. The sites in question have been hacked, and malicious code on those sites has been attempting to infect PCs for at least a week, security experts said Friday. The breach on the stadium site was discovered by Websense’s automated tools on Jan. 26, but the engineers at the company were not alerted to the problem until this week, when Websense customers complained that they were unable to visit the site. From Dan Hubbard, Websense’s senior director of security and technology research…

“If you go to the [Dolphins’] Super Bowl Web site with a Web browser that’s not running the latest and greatest patches from Microsoft, you could get exploited.”

The Web sites that downloaded the malicious software are based in China and were operating on and off on Friday morning, according to Roger Thompson, chief technology officer with Exploit Prevention Labs

So do yourself a favor, and stay away from these sites until they are confirmed to be safe. Feel free to send your enemies to the site, especially the fruity scarf guy.

(Update: Stadium spokesman George Torres now says the site has been cleaned up. I’ve confirmed his claims with a few outside experts. It also appears that the same virus may have been seeded into other sites. The main “podcasts” page on the Web site for the Center for Disease Control and Prevention appears to have been infected at some point (ah, the irony). It is unclear when that could have occurred, and it does not appear to be there now. The folks at CDC are checking on the situation. There obviously are multiple sites currently infected with this Trojan, so make sure you’re up to date on Microsoft patches.)

Source: InfoWorld


read user's comments (1)