8 lines
1014 B
Plaintext
8 lines
1014 B
Plaintext
|
Spam alert
|
|||
|
|
<p>Yes, I’m aware of the spam on the blog front page. The management does not hawk dubious drugs.</p>
|
|||
|
|
<p>Daniel Franke and I just did an audit and re-secure of the blog last night, so this is a new attack. Looks like a different vector; previously the spam was edited into the posts and invisible, this time it’s only in the front-page display and visible.</p>
|
|||
|
|
<p>It’s a fresh instance of WordPress verified against pristine sources less than 24 hours ago, all permissions checked. Accordingly, this may be a zero-day attack.</p>
|
|||
|
|
<p>Daniel and I will tackle it later tonight after his dinner and my kung-fu class. I’ll update this post with news.</p>
|
|||
|
|
<p>UPDATE: The initial spam has been removed. We don’t know where the hole is, though, so more may appear.</p>
|
|||
|
|
<p>UPDATE2: It’s now about 6 hours later and spam has not reappeared. I changed my blog password for a stronger one, so one theory is that the bad guys were running a really good dictionary cracker.</p>
|