- Hosting companies worldwide are reporting an increase in brute force attacks on the administration interfaces of WordPress installations. If you’re running a WordPress site, now would be a good time to ensure you are using strong passwords, change the user-id ‘admin’ and limit the number of logins.
- PlaneSploit: Plane hijacking via smartphone (PDF). A talk by Hugo Teso at Hack In The Box Security Conference. Read more here.
- Aditya Balapure provides some insights on the recent DDoS Attack against Spamhaus.
- SSH: “There are often a great many more SSH keys in existence in an organisation than there are users.” SSH an ill-managed mess says Tatu Ylonen, author of the SSH protocol.
- Windows XP: The countdown begins – Support for Windows XP ends on April 8, 2014. Newer OS-Versions have more built-in security features like ASLR or SEHOP.
- What is the difference between a Penetration Test, Vulnerability Assessment and a Security Audit? Some definitions to help define future security service requests.
IT-Security-Links #19
SWITCH Security-Blog 