Two-Factor Authentication: What it is and Why You Should be Using it Now

Not too long ago, WordPress sites around the world started getting attacked with automated botnet traffic trying to brute force admin passwords. The other day, the official Twitter account of the Associated Press was hacked. Last year, Wired reporter Mat Honan was hacked when his Amazon account was compromised. That compromise allowed an attacker to […]

WordPress Hacking and Cleanup

There’s a brute force attack underway on a global scale. Massive. The attack vector? Keep attempting user/pass combos in an automated way until a breakin happens. If your WordPress site gets hacked, I am available for cleanup and an audit. Aaron@technosailor.com It absolutely will cost you a minor fortune. That’s the way it goes. Don’t […]

Eliminate Unused WordPress Plugins

Consider this post a public service announcement. It’s a common misconception that if a plugin is deactivated in WordPress, that you are immune from performance or security issues. On it’s face, this is not true, and you are risking the internet with this mentality! Take last year’s Timthumb debacle, for instance. Many themes include Timthumb […]

INFOSEC 101: Breaking Down Scary Terms and What They Mean

I am not a hacker. But I understand the information security world. It’s a scary place, unfortunately, to people who have no exposure to it. Yesterday, WordPress 3.0.4 was released as a critical release… and it was. Matt explained the reason for the release in this way: Version 3.0.4 of WordPress…is a very important update […]

WordPress Security and How I’m Going to Take All Your Money

So, it’s happened again. Another vulnerability discovered in WordPress that is now becoming the raging topic around the blogosphere. Is WordPress insecure? Should people move to another platform? If we stomp our feet loud and enough and whine enough, then we can make WordPress look like a ridiculous piece of software that only amateurs should […]