Virally growing attacks on unpatched WordPress sites affect ~2m pages

Attacks on websites running an outdated version of WordPress are increasing at a viral rate. Almost 2 million pages have been defaced since a serious vulnerability in the content management system came to light nine days ago. The figure represents a 26 percent spike in the past 24 hours.

A rogues’ gallery of sites have been hit by the defacements. They include conservative commentator Glenn Beck’s glennbeck.com, Linux distributor Suse’s news.opensuse.org, the US Department of Energy-supported jcesr.org, the Utah Office of Tourism’s travel.utah.gov, and many more. At least 19 separate campaigns are participating and, in many cases, competing against each other in the defacements.

Virtually all of the vandalism is being carried out by exploiting a severe vulnerability WordPress fixed in WordPress version 4.7.2, which was released on January 26. In an attempt to curb attacks before automatic updates installed the patch, the severity of the bug—which resides in a programming interface known as REST—wasn’t disclosed until February 1.


IRS Recycled Lerner Hard Drive

phrackthat (2602661) writes: The Senate Finance Committee has been informed that the IRS recycled the hard drive of Lois Lerner, which will deprive investigators of the ability to forensically retrieve emails which were supposedly deleted or lost in a “crash.” This news comes after the IRS revealed that it had lost the emails of Lois Lerner and six other employees who were being investigated regarding the targeting of conservative groups and donors.
