CKA Forums
Login 
canadian forums
bottom
 
 
Canadian Forums

Author Topic Options
Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 64817
PostPosted: Wed Feb 08, 2017 3:19 pm
 


Sucuri open source web monitoring reports that WordPress sites are being hacked and defaced due to a vulnerability that was published in the dark web this week.

IP addresses to block on your firewalls:

• 37.237.192.22
• 71.19.248.195
• 134.213.54.163
• 144.217.81.160
• 176.9.36.102
• 185.116.213.71
• 2a00:1a48:7808:104:9b57:dda6:eb3c:61e1

Also, be sure to check your sites before patching them. Apparently patching the site after the hack will make it harder to undo any unauthorized changes.


Online
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 35251
PostPosted: Thu Feb 09, 2017 10:18 am
 


On a related note:

Quote:
Russian cyber-security experts have scaled back cooperation with Western contacts after one of their number was arrested in Moscow on treason charges, making it harder to fight global online crime, U.S. law-enforcement and industry sources say.

Despite acrimonious relations between Russia and the United States in recent years, experts on cyber security in both countries say their law enforcement agencies and private firms had been working together more closely behind the scenes to fight financial fraud and other crimes committed online.

But at least some of that cooperation appears to have come to a sudden halt since Ruslan Stoyanov, head of the computer incidents investigation team at Russian cyber security firm Kaspersky Lab, was arrested in December on suspicion of treason.

Two officers from Russia's Federal Security Service (FSB) were also arrested, identified by a Western security source as Sergei Mikhailov and Dmitry Dokuchayev, both from the FSB's Information Security Center.

Five experts at U.S. or other Western cyber firms all told Reuters their communication with contacts in Russia had been scaled back since the arrests, either because the Russians had stopped replying or because the Westerners had decided it was better not to contact them for now.

"Everybody has clammed up," said John Bambenek, a manager of threat research at Fidelis Cybersecurity.


http://www.reuters.com/article/us-russi ... SKBN15N1WR


Offline
CKA Super Elite
CKA Super Elite


GROUP_AVATAR
User avatar
Profile
Posts: 9482
PostPosted: Thu Feb 09, 2017 11:24 am
 


Make sure your sites are 4.72 auto update should be on, child theme so updates don't break it.
Don't use admin as the name of administrator account.
Add some security plugins, 2 tier authentication etc.
Backup site & db. Even for clients, cuz they'll ignore 8 years of warnings that Joomla 1.3 is insecure...
I run about 10 WP sites, none allow registration and all have No Comments installed.
All are obscure sites, some with names you can't even pronounce

Sit back and watch your email as 100 people a day still try to break into it...

Be prepared that 90% of clients are like Trump. If their site gets hacked 2600 pages of Google about that hack are ALL LIES and YOU did it to screw the out of more money.


Post new topic  Reply to topic  [ 3 posts ] 



Who is online

Users browsing this forum: No registered users and 2 guests




 
     
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © Canadaka.net. Powered by © phpBB.