SEARCH RESULTS
 
Showing 1-10 of 14 records
 
Expand article

Number One Wordpress Security Step

2008-03-31 02:53:02 by Erik T. Heidt in Art of Information Security
 
...Wordpress blog secure Keep the software up-to-date This may sound almost patronizingly obvious, but hold on a second. Every day hackers use unpatched servers or services of one kind or another as the bread and butter of their trade (stealing data, creating Bot networks, selling hacked server access to phishers, etc So, why are there so many...
 
Tags: wordpress, step, wordpress security step, wordpress automatic, wordpress development feed, wordpress community, security, wordpress blog secure, blog
 
 
 
 
Expand article

WordPress 2.5 Cookie Forging Explained

2008-04-25 21:46:49 by Chris Eng in Zero in a bit
 
WordPress 2.5.1 came out recently. It includes a critical security fix for a cookie integrity bug that would allow an attacker to impersonate other users, including WordPress admins, by manipulating the contents of an HTTP cookie. Whenever I read about a vulnerability predicated on the user identity being embedded into a client-side token (as...
 
Tags: cookie, wordpress authentication cookie, authentication cookie, cookie integrity bug, hash, hash hmac, user, user identity, maintain cookie uniqueness
 
 
 
 
Expand article

Wordpress 2.5 cookie integrity protection vulnerability

2008-04-25 16:03:19 by Steven J. Murdoch in Light Blue Touchpaper
 
...Wordpress, which I had just upgraded to version 2.5. Unfortunately, I found a rather nasty security hole, which has now been disclosed. If a Wordpress installation is configured to permit account creation, the vulnerability allows an attacker to gain administrator access The problem is to do with how cookies are generated. The authentication...
 
Tags: cookie, time, user expiry time, wordpress, secure cookie protocol, expiry time, vulnerability, username, maintain cookie uniqueness
 
 
 
 
Expand article

WordPress Security Plugins

2007-11-30 03:00:24 by Editor in Help Net Security - Articles
 
WordPress is a powerful publishing platform that is easy to use and offers anyone the possibility to start a blog in no time. Because of its versatility and a large quantity of third-party plugins, Wo
 
Tags: wordpress, third-party plugins, time, quantity, blog, easy, offers, powerful, platform
 
 
 
 
Expand article

DoS attack prevents access to WordPress.com blogs

2008-02-19 00:00:00 by HASH0x8b20fe0 in Network World on Security
 
The WordPress.com blog-hosting service suffered a denial-of-service (DoS) attack that began Saturday and was still preventing users from logging in or posting to their blogs on Tuesday Fundamental Principles of Network Security Advertisement Protect the organization. Learn the 'Need To Know' aspects of network security. Free paper from APC
 
Tags: network security, attack, blogs, wordpress, dos, fundamental principles, free paper, advertisement, protect
 
 
 
 
Expand article

Hardened stateless session cookies

2008-05-16 12:40:30 by Steven J. Murdoch in Light Blue Touchpaper
 
...Wordpress cookie debacle was that the authors invented their own password hashing and cookie generation scheme. This is generally a bad idea, since its hard even for experts to get these right. Instead, whenever possible, a well-studied proposal should be chosen. It is for this reason that I suggested the phpass library for password hashing,...
 
Tags: scheme, cookie generation scheme, cookie, cookie authentication schemes, cookies, stateless session cookies, fake cookie, cookie authentication key, authentication database
 
 
 
 
Expand article

blog backup

2007-04-25 15:18:45 by Liudvikas Bukys in Liudvikas Bukys
 
I participated in the public beta of BlogBackupOnline.com , and since then the service has gone live, and, for now, free. Signing up is relatively effortless, and now I have an extra up-to-date copy of my blog content without any administrative effort on my part They dont back up image content yet, but theyre working on it. I havent tried using...
 
Tags: administrative effort, lot easier, radio userland, image content, restore feature, movable type, public beta, blog content, previous exportimport
 
 
 
 
Expand article

Theme is back

2007-11-28 12:54:24 by Steven J. Murdoch in Light Blue Touchpaper
 
...Wordpress 2.3 (and also hopefully more maintainable). There are a few bugs to be ironed out, for example the Authors and About pages dont work yet , but these are being worked on. If you spot any other problems, please leave a comment on this post, or email lbt-admin @cl.cam.ac.uk Update 2007-11-28: Authors and About should now work
 
Tags: authors, email lbt-admin, dan cvrek, theme, maintainable, compatible, blix, cam, post
 
 
 
 
Expand article

Inshallahshaheed - Come Out, Come Out Wherever You Are

The Article has images
2007-12-19 18:57:33 by HASH0x89fdb84 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...wordpress.com - down inshallahshaheed.blogspot.com - abondoned ignoredknowlege.blogspot.com - active And so the ultimate question remains, where is the very last and active blog operated by the Ignored Puzzle Pieces of Knowledge or Inshallahshaheed? Here it is - revival.muslimpad.com
 
Tags: blogs, active, diffrent blogs, active blog, puzzle pieces, previous post, cyber jihadists, guest posts, blogspot
 
 
 
 
Expand article

Do yourself a favor and subscribe to this blog

2008-03-23 16:31:35 by Doug Woodall in The Spyware Biz Blog
 
...wordpress.com Securitas Operandi Reach the widest possible worldwide audience with information on data security, business security, and information assurance. Achieve this mission through published books, magazine articles, online forums, public speaking, expert court testimony, and teaching Make a New Years resolution: safer computing ...
 
Tags: safe internet usage, expert court testimony, information assurance, information, online forums, online, worldwide audience, business security, securitas operandi