[bitfolk] Security incident: Wordpress compromise

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MGavin Westwood at ->
Author: Andy Smith
Date:  
To: users
Subject: [bitfolk] Security incident: Wordpress compromise

Reply to this message
gpg: Signature made Sun Oct 4 08:51:44 2015 UTC
gpg: using DSA key 2099B64CBF15490B
gpg: Good signature from "Andy Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andrew James Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andy Smith (UKUUG) <andy.smith@ukuug.org>" [unknown]
gpg: aka "Andy Smith (BitFolk Ltd.) <andy@bitfolk.com>" [unknown]
gpg: aka "Andy Smith (Linux User Groups UK) <andy@lug.org.uk>" [unknown]
gpg: aka "Andy Smith (Cernio Technology Cooperative) <andy.smith@cernio.com>" [unknown]
Hi,

I haven't done a security incident posting in a while, but that is
down to me forgetting to do them rather than any lack of them!

On 2nd October a customer's compromised Wordpress install was used
to attempt brute-force logins on another remote site's Wordpress.
This drew an abuse report which is how the original compromise was
discovered.

It's not known at this stage how the customer's Wordpress was
compromised. The site has been disabled.

Cheers,
Andy

About this email:
https://tools.bitfolk.com/wiki/Security_incident_postings

--
http://bitfolk.com/ -- No-nonsense VPS hosting
This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] Clonezilla Backup of VPSRe: [bitfolk] Security incident: Wordpress compromise->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.3)