Results 1 to 4 of 4

Thread: WordPress.org users: change your passwords!

  1. 06-23-2011, 12:27 PM #1
    HunkyLuke
    HunkyLuke is offline
    virgin by request ;) HunkyLuke's Avatar
    Join Date
    Mar 2008
    Posts
    3,194

    WordPress.org users: change your passwords!

    This is news from the WordPress site:

    Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.

    We’re still investigating what happened, but as a prophylactic measure we’ve decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you’ll need to reset your password to a new one. (Same for bbPress.org and BuddyPress.org.)

    As a user, make sure to never use the same password for two different services, and we encourage you not to reset your password to be the same as your old one.

    Second, if you use AddThis, WPtouch, or W3 Total Cache and there’s a possibility you could have updated in the past day, make sure to visit your updates page and upgrade each to the latest version.
    So if you have an account on any of these sites, you need to reset your password asap!
    Luke H.
    Marketing Director
    Zbuckz.com, Jbuckz.com, Dickbank.com, Glamourbuckz.com
    Reply With Quote Reply With Quote

  2. 06-24-2011, 06:18 AM #2
    conran
    conran is offline
    language is my whore, my mistress, my check-out girl. conran's Avatar
    Join Date
    May 2010
    Location
    England
    Posts
    192
    Am I just more in the loop these days, or is all of this increasing dramatically?
    Years ago, I had the impression that hacking and malicious attacks, phishing and all the rest was a doomed business with new protections arriving every day. It was on the decline.
    But now it seems that every couple of days I'm reading another story about how "unsafe" everything is :gun:
    Tips for adult blogging: Adult Affiliate Blog
    Add Another Income Stream: Sell Adult Toys
    Fleshjack, Butt Plugs and more great Mens Sex Toys from a UK Men Only Shop
    Primary business: Gay Content Writer
    Reply With Quote Reply With Quote

  3. 06-24-2011, 10:47 AM #3
    Bec
    Bec is offline
    Moderator Bec's Avatar
    Join Date
    Nov 2003
    Location
    Ohio
    Posts
    8,419
    Evil never sleeps ......

    At least this is one precaution I don't have to deal with, I didn't put any of my stuff on their .org
    Reply With Quote Reply With Quote

  4. 06-24-2011, 12:06 PM #4
    HunkyLuke
    HunkyLuke is offline
    virgin by request ;) HunkyLuke's Avatar
    Join Date
    Mar 2008
    Posts
    3,194
    I think you are spot-on Conran, it is increasing dramatically. One of the biggest issues is that so many computers (PCs and servers) are not updated and/or protected, so bot-nets are increasingly more available making them cheaper and easier to find. And its those bot-nets that hackers use to get into sites and get past the security.

    I read once that if every windows user was forced to upgrade with the latest patches, the amount of bot-net computers would decrease by something crazy like 95%. Then it would just leave unpatched servers, which are easier to fix up as they are somewhat more controlled. That's why I always keep updated with any patches for both my home computers as well as for any scripts that I run on my servers (the main culprit there being WP itself).
    Luke H.
    Marketing Director
    Zbuckz.com, Jbuckz.com, Dickbank.com, Glamourbuckz.com
    Reply With Quote Reply With Quote

« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules