Five plugins and tips to secure your WordPress blog
How do you protect your own blog from getting hacked? There’s never a foolproof answer, but with some added tools and caution, you can make your website a little safer from getting into harm’s way....
Hack a Day 2: Electric Boogaloo
Well, that was fun… no, not really, but we’re back from the dead like Steve Jobs. We’ve been getting DDoS’d since essentially the first day we originally came back. After killing a 1G connection, we...
WordPress 2.7 upgrade in one line
BadPoetry WordPress 2.7 has just been released and features a complete interface overhaul. Hack a Day runs on WordPress MU hosted by WordPress.com, so we got this update last week. We run standard...
Are you human? Resistor edition
[PT] tipped us off about a new way to screen bots from automatically leaving comments. Resisty is like CAPTCHA but it requires you to decipher color bands on a resistor instead of mangled text. This...
Scraping blogs for fun and profit
Sometimes when you’re working on a problem, a solution is thrown right at your face. We found ourselves in this exact situation a few days ago while putting together Hackaday’s new retro edition; a...
Hackaday Printing Press Upgrade
There comes a time when your movable type becomes so over-used that you no longer get a legible print off of the printing press. For months now we’ve been at work on a new site design that maintains...
This Week in Security: XCode Infections, Freepik, and Crypto Fails
There is a scenario that keeps security gurus up at night: Malware that can detect software compilation and insert itself into the resulting binary. A new Mac malware, XCSSET (PDF), does just that,...
This Week in Security: Discord, Chromium, and WordPress Forced Updates
[Masato Kinugawa] found a series of bugs that, when strung together, allowed remote code execution in the Discord desktop app. Discord’s desktop application is an Electron powered app, meaning it’s a...
This Week in Security: Y2K22, Accidentally Blocking 911, and Bug Alert
If you had the misfortune of running a Microsoft Exchange server this past week, then you don’t need me to tell you about the Y2K22 problem. To catch the rest of us up, when Exchange tried to download the...
This Week in Security: Chrome 0-day, Cassandra, and a Cisco PoC
Running Chrome or a Chromium-based browser? Check for version 98.0.4758.102, and update if you’re not running that release or better. Quick tip, use chrome://restart to trigger an immediate restart of...
This Week in Security: Rackspace Falls Over, Poison Ping, and the WordPress Race
In what’s being described as a Humpty-Dumpty incident, Rackspace customers have lost access to their hosted Exchange service, and by extension, lots of archived emails. The first official word of...
This Week in Security: Gitlab, KeyPassMini, and Horse
There’s a really nasty CVSS 10.0 severity vulnerability in Gitlab 16.0.0. The good news is that this is the only vulnerable version, and the fix came a mere two days after the vulnerable release. If...
This Week in Security: Bogus CVEs, Bogus PoCs, And Maybe a Bogus Breach
It appears we have something of a problem. It’s not really a new problem, and shouldn’t be too surprising, but it did pop up again this week: bogus CVEs. Starting out in the security field? What’s the...
FLOSS Weekly Episode 768: Open Source Radio
This week Jonathan Bennett and Doc Searls talk with Tony Zeoli about Netmix and the Radio Station WordPress plugin. The story starts with the Netmix startup, one of the first places doing Internet...
This Week in Security: Forksquatting, RustDesk, and M&Ms
Github is struggling to keep up with a malware campaign that’s a new twist on typosquatting. The play is straightforward: Clone popular repositories, add malware, and advertise the forks as the...
This Week in Security: Crash your iPhone, Hack Your Site, and Bluetooth Woes
There have been some hilarious issues on mobile devices over the years. The HTC Dream had a hidden shell that was discovered when a phone rebooted after sending a text containing just the word...
This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking...
We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling...