[wp-hackers] Porn links in google cache
Dre Armeda
feeds at armeda.com
Thu Jul 14 19:02:56 UTC 2011
Best way to manage that David is to use a password manager:
http://keepass.info/
http://lastpass.com/
These are just two examples.
Dre
On 7/14/11 11:58 AM, David Law wrote:
> On Thu, 14 Jul 2011 09:32:58 -0700, you wrote:
>
>> Variations of the attack happen through FTP credential
>> hijacking (Don't use FTP, use a secure alternative like sFTP/SSH. If you
>> must, don't save your credentials in your client), others we've seen
>> have spread because the hosting provider has no business being a hosting
>> provider (Choose your home wisely).
>
> I had some of my WordPress sites hacked, couldn't 100% confirm the
> security flaw, but beleive it was a combination of using Filezilla and
> saving passwords (Filezilla saves the passwords in text format, no
> encryption!!!) and not updating an Adobe Internet Explorer plugin on
> the PC I use to connect via FTP!
>
> Fortunatly keep regular backups so didn't cause long term damage, but
> changing around 170 passwords (100 FTP, 70 WordPress logins) isn't a 5
> minute task!
>
> David
More information about the wp-hackers
mailing list