[ale] Fwd: [ NNSquad ] Huge attack on WordPress sites could spawn never-before-seen super botnet

Chuck Peters cp at axs.org
Sat Apr 13 08:26:16 EDT 2013 

---------- Forwarded message ----------
From: Lauren Weinstein
Date: Fri, Apr 12, 2013 at 9:30 PM
Subject: [ NNSquad ] Huge attack on WordPress sites could spawn
never-before-seen super botnet
To: nnsquad at nnsquad.org

Huge attack on WordPress sites could spawn never-before-seen super botnet

http://j.mp/ZRZksL  (ars technica)

   "The unknown people behind the highly distributed attack are using more
    than 90,000 IP addresses to brute-force crack administrative
    credentials of vulnerable WordPress systems, researchers from at least
    three Web hosting services reported. At least one company warned that
    the attackers may be in the process of building a "botnet" of infected
    computers that's vastly stronger and more destructive than those
    available today. That's because the servers have bandwidth connections
    that that are typically tens, hundreds, or even thousands of times
    faster than botnets made of infected machines in homes and small
    businesses."

 - - -

Up in the Net!  It's a bug!  It's a phish!  It's SUPER-botnet!

--Lauren--
Lauren Weinstein (lauren at vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility:
http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org
 - PRIVACY Forum: http://www.vortex.com/privacy-info
 - Data Wisdom Explorers League: http://www.dwel.org
 - Global Coalition for Transparent Internet Performance:
http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren


The Google+ thread is at
https://plus.google.com/114753028665775786510/posts/81U47ANqxDn

I'll be checking some wordpress sites more, but for the time being I
changed the already good passwords using apg -s -a 1 -m 16 -n 4 -E
"B8G6I1l0OQDS5Z2!(),.[]{|}"' and found wordpress doesn't like \.  Then I
added something one would think wordpress should do by default:
https://wordpress.org/extend/plugins/limit-login-attempts/

Now I want a password manger that works on the Linux command line, and
works on my android Nexus7.  Any suggestions?


Chuck
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130413/b9e63420/attachment-0001.html>

More information about the Ale mailing list