Wednesday, September 14, 2011

More Wordpress Attacks going on! Using TimThumb vulnerability

They are really going after the TimThumb vulnerability. There were over 80 attempts to hack one site using the vulnerability this month! I wrote my own version last year, and this year I discovered that TimThumb was still installed so I deleted it as we are not using it.

Here is another strange "insert strange data" attack going on. It looks like a long string of garbage but I am sure it means something to someone?

Now I am thinking of not using WordPress or using a "static" version of WordPress to avoid all vulnerabilities. The biggest problem with totally static web pages is that the search function would not work, it has to have a dynamic response. You can use Google site search to get about the same results.

No comments: