
WordPress 2.8.3 broken! Upgrade to 2.8.4 immediately!

In case you missed it, WordPress 2.8.3 has a programming error in its password-reset handling that lets anyone on the Internet, without logging in, force a reset of your administrative password. The new random password is emailed to the administrator's registered address, so the immediate effect is that you are locked out until you read that mail; an attacker who can also read that mailbox gets full administrative access. With administrative access, the attacker could destroy your content, lock you out, and repurpose your website for wrongdoing: spamming, pornography, slander, or whatever they want. Upgrade to WordPress 2.8.4 immediately! Learn more at darknet.org.uk.

Restricting access to the administrative entry points would have limited exposure to this bug.

BlogSecurity has recommended before that the /wp-admin/* directory should be password protected or restricted by IP address, and says this would mitigate this problem. See our advisory here for details. [Source, BlogSecurity, WordPress <= 2.8.3 Reset Admin Password Vulnerability] One caveat a practitioner should keep in mind: WordPress handles password resets in wp-login.php, which sits in the site root rather than under /wp-admin/, so a restriction placed on /wp-admin/ alone does not cover the reset request. Apply the same IP or password restriction to wp-login.php as well, and treat this as defence in depth, not as a substitute for the upgrade.
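The following Apache configuration is an added example of the restriction described above; it is not from this post or from BlogSecurity's advisory. It assumes Apache 2.2 syntax, an administrator connecting from 203.0.113.10 (a documentation address standing in for your own), and an htpasswd file at /etc/apache2/wp-admin.htpasswd (an assumed path; create it with `htpasswd -c`). It covers both the /wp-admin/ directory and wp-login.php in the site root.

```apache
# --- /.htaccess (site root) ---
# wp-login.php lives in the site root, not under /wp-admin/, and it is the
# script that handles password resets, so it needs the same restriction.
<Files "wp-login.php">
    AuthType Basic
    AuthName "WordPress administration"
    AuthUserFile /etc/apache2/wp-admin.htpasswd   # assumed path
    Require valid-user
    Order deny,allow
    Deny from all
    Allow from 203.0.113.10                      # assumed admin address
    # Satisfy All: the client must pass BOTH the IP check and basic auth.
    # Use "Satisfy Any" if either one on its own should be enough.
    Satisfy All
</Files>

# --- /wp-admin/.htaccess ---
# Same rules for everything under /wp-admin/.
AuthType Basic
AuthName "WordPress administration"
AuthUserFile /etc/apache2/wp-admin.htpasswd      # assumed path
Require valid-user
Order deny,allow
Deny from all
Allow from 203.0.113.10                          # assumed admin address
Satisfy All

# admin-ajax.php is requested from the public front end by some themes and
# plugins; exempt it only if those features break for ordinary visitors.
<Files "admin-ajax.php">
    Satisfy Any
    Allow from all
</Files>
```

Two points when deploying this: HTTP basic authentication sends the password with every request, so only use it over HTTPS, and an IP allowlist this strict means you cannot administer the site from an unlisted network without first editing the file. On Apache 2.4 the `Order`/`Deny`/`Allow`/`Satisfy` directives are replaced by `Require ip 203.0.113.10` combined with `Require valid-user` inside a `<RequireAll>` block.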

See details of the exploit at milw0rm.


Has my Google Calendar been compromised?

This morning, as I looked at "My calendars" in my Google Calendar, I noticed one I did not remember creating. Not in "Other calendars" but in "My calendars" sat Paddy Daly. Since I quit using Google Calendar regularly a while back, I decided to see what notes I’d made about this Paddy Daly calendar I created. But I didn’t create it! And the creator made no notes. The calendar creator is punapaddy at a yahoo.com email address, with a Hawaii timezone. This makes no sense. There appear to be no events on the calendar either. I do seem to have the ability to delete the calendar.

Who is Paddy Daly?

Paddy Daly (1888–1960), sometimes referred to as Paddy O’Daly, served in the Irish Republican Army during the Irish War of Independence and subsequently held the rank of Major-General in the National Army in the period 1922 to 1924. [Source, Wikipedia]

So is this some form of vandalism? Political protest or activism? How did it get on my calendar and what security hole in Google Calendar do I need to close?