Warning: Infected plugins uploaded to wordpress.org
This week it was discovered that unauthorised software uploads were made to the WordPress.org plugins repository and 3 compromised plugins were discovered. Anyone with a wordpress.org account should have been notified (although I have not been yet) to change their password. They are also advising anyone who uses AddThis, WPtouch, or W3 Total Cache plugins and there’s a possibility they could have updated in the past day, to replace with the clean versions. We use wordpress extensively through our businesses and all instances have been checked and verified OK. Incoming search...
read moreMac Skype Client vulnerability: No cause for concern
Don’t panic, Skype tells users: Currently a story is doing the rounds that Mac owners running the Skype communications client are at risk of system compromise from specially crafted messages. Given that the default for Skype is to not accept messages from unknown sources, Skype have been playing down this threat and plan to fix in next week’s planned update. There was a hotfix made available last month and concerned users should upgrade (click Skype –> Check for updates) More details...
read moreSo, your site has been hacked, now what?
A while ago our WordPress based website was hacked and code inserted into the core WordPress and theme files. The code was meant to redirect visitors to a malware site, but even this was broken and it just killed our site instead. We are a small business but try and organise ourselves like the big boys with our approach to technology where it makes sense to do so. We might not have a security monitoring centre and team of system administrators running backups but we take the underlying principles and apply them to our needs. Our site was offline while we recovered and in a few hours we...
read more