WordPress Hack

Security experts have reported a Brute Force attack over the WordPress blogs and thousands of blogs have been reported to be hacked because of the massive attack being done. This attack has been confirmed by the Cloudflare. The attack uses botnet and automated attempts to guess the passwords for the default admin account of the WordPress. Surely! the use of weak passwords and the default admin username for your WordPress is the biggest problem which can become the cause of your blog take-down by the hackers.

Remain Safe From the Massive WordPress Brute Force Attack:

You can easily avoid this attack by following these general and very simple instructions:

Don't use default user name i-e admin to login to your blog because it's the default account which you get when you install WordPress. Be sure to add a new administrator account and change the username of that account to something random.

Don't use weak passwords because passwords like in the dictionary and other language words are damn easy to be guessed by a powerful machine. Make a strong password consisting of numbers and symbols.

Be sure that your WordPress version is up to date and no surplus deactivated themes and plugins are present, as any old file and vulnerable can be a cause of hacked WordPress blog.

Actually the attack isn't that much strong but chaining together the power of various servers and hosting is going to make it real strong against your blog. If the hosting companies accounts are vulnerable and undertaken by hackers then a botnet attack carried by this will be damn more powerful than the zombie laptops attacks.

A recent report has shown that the last attack reported was dependent on the 90,000 IP's and it means how large number of hosting accounts have been compromised and as far as I am concerned they are also making use of other vulnerabilities in the WordPress and website structure though the main attack is reported to be a Brute Forced one.

WordPress team action at it's side:

WordPress is going to roll out a two factor verification for the login process of the CMS and it will make brute force die out completely and almost unusable against the WordPress blog. Unfortunately it's not possible to change the default login directory of the WordPress but once can change his username and password. So go for it!

Read More

Restriction remove from google play

I am here this week with a new trick as lots of android smart phone users are complaining about that blocked market for the country restricted users. I personally tried this way and this worked well too! I know you all may be well aware that you can easily enable the access to country restricted market using some third party application but the users are complaining that even these third party application after emulating the sim to another USA carrier doesn’t work well. I had to sort out a solution because last day I just installed Cyanogen Mod and after the flash of Gaps I couldn’t do successful emulation to enable every content of the market for my country. So, I tried every way cleared the cache and emulated every sim but I failed. I was able to reach to application e-g Google Voice Search but was unable to download that, Following was the error on clicking download:-
This Application can’t be downloaded in your country, and So what, I don’t remember it much Open-mouthed smile
Procedure I tried to Unblock the Applications which are country restricted to USA only:-
Download any third party SIM emulator like MarketAccess, Market Enabler etc. Try Googling I can’t give link here without the developer permission Smile with tongue outIf you need help ask in comment will email you!
After that downgrade your upgraded market in case if your ROM had old Google Market when installed/Flashed, Here I am assuming that you had previous version of Market before Upgrading to newer Google Play So in this Case go to Manage Applications and Simply select Google Play and uninstall any updates from there, It will be reverted back to Android Market.
Emulate your Sim using the above mentioned program in first step and Search any country restricted application like Google Maps and try Installing. It will take much time and after couple of minutes download will start
Incase, You have preinstalled Google Play when you purchased a phone with latest ICS release, then please uninstall that using Titanium Backup and then drop comment here, to get the link for Old Market for Android. Well, Ok one link is being posted here, Cheers SmileDownload it and Install it and then emulate the Sim and woa, Its Woking…! 

Read More

Dominos Pizza hacked

Dominos Pizza hacked, details of 650k customers stolen 

Hackers who claimed to have compromised the database server of Domino's Pizza have demanded a ransom of €30,000 to prevent the public disclosure of customer's data.

The hacker group going by the name of Rex Mundi said they hacked into the servers of Domino's Pizza France and Belgium.

The hackers have managed to download more than 592,000 customer records from Dominos France and 58,000 records from Belgian website.

They claim the compromised database contained sensitive information such as customer's full names, addresses, phone numbers, delivery instructions, email IDs and passwords. 

The group gave a deadline of 8PM CET for Dominos to pay them.

"If they do not do so, we will post the entirety of the data in our possession on the Internet." 

Read More

Feedly Hits DDoS Attacks

Feedly and Evernote Hit by DDoS Attacks, Extortion Demands

Yesterday, the most popular RSS reader Feedly was down as a result of a large scale distributed-denial-of service (DDoS) attack carried by the cybercriminals to extort money.

On Wednesday, the Feedly was temporarily unavailable for its users. Feedly posted details of the attack at 5:00 AM ET on its blog saying that they were under a Distributed Denial of Service (DDoS) attack and cyber-criminals were demanding money in return for returning the service to its normal operations.

“Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop,” Edwin Khodabakchian, founder and CEO of Feedly said in a statement on Wednesday. He also expressed regret, “We want to apologize for the inconvenience. Please know that you data is safe and you will be able to re-access your feedly as soon as the attack is neutralized.”

Feedly is a very popular RSS feed service which is available for desktop, iOS and Android devices with around 15 million users and 24,000 paying customers. It is also integrated into hundreds of other third party apps, which offers its users to browse the content of their favorite blogs, magazines, websites and more at one place via RSS feed subscriptions.

Feedly gained its popularity after Google announced the closure of its Google reader service last year. A huge number of RSS Google reader users switched to Feedly. Its popularity and reputation attracts RSS die-hards and cyber-criminals as well.

A San Francisco-based firm confirmed that some bad actors had launched a DDoS attack on its popular site, and were demanding a ransom money to restore the service. But the company refused to pay the amount to criminals which is really a matter of appreciation.

“We refused to give in and are working with our network providers to mitigate the attack as best as we can, ” said Edwin Khodabakchian. He added, “We are working in parallel with other victims of the same group and with law enforcement.”

WHAT IS DDoS ATTACK?

For those who are not familiar, a Distributed Denial-of-Service (DDoS) attack is one in which multiple compromised systems attacks a single target system or service to make it unavailable to its intended users. The flood of incoming requests essentially forces the target system or service to shut down, thereby denying service to the system to its legitimate users.

According to the company, the hackers have compromised Feedly’s network resources, but they haven’t gained access to any of its servers, ensuring its users that their data is safe.

FEEDLY TIME-OUT

At the time of writing, the website was still unavailable with visitors greeted by error messages including ‘408 Request Timeout' and ‘Error 502 Timeout'. But latter, the website informed its users that there is no issue with their browser or the website's CloudFlare content delivery network, whereas the host domain was unreachable at the time.

After few hours of the attack confirmation, Feedly said it had made some changes to its infrastructure on bringing the website online again. "However, these things take some time to put into place and it may still be a few more hours before service is restored," the company said. "Thank you so much for your patience and for sticking with us."

The popular online notes and web clippings service Evernote suffered a similar attack. It is not yet known whether the two are linked, but Feedly and Evernote work closely together.

RECORD-BREAKING DDoS ATTACKS

DDoS attackers have discovered more powerful ways to attack a web service by exploiting Internet protocols such as DNS, NTP and even SNMP which allow cybercriminals to carry out record breaking DDoS attacks with the use of a little skill and relatively small amount of resources.

Feedly has set up an example for all of us that its really not right to pay the ransom to the bad actors and if you fulfill their demands, you are doing nothing but encouraging them more to carry out more such attacks against you.

Read More

Twitter allows GIF

You Can Now Share GIFs on Twitter!

Twitter announced Wednesday afternoon that you can post GIFs that appear within your feed on Twitter.com, Android, and iOS.

That means you’ll be able to see the near-ubiquitous moving images in even more corners of the Web than before. It’s either a blessing or a curse, depending on how prone you are to seizures.

Previously, GIFs were shown inline only on third-party applications for Twitter, such as TweetDeck. Coincidentally, that functionality seems to be temporarily down at the moment. Poor TweetDeck; it’s had a rough couple of weeks. 

We here at Yahoo Tech are dedicated GIF lovers, which is why we’d like to celebrate this news with a good, old-fashioned … GIF PARTY!!!!

That is all.

Read More

eBay Hacked

eBay Hacked, Urges All Members to Change Passwords Immediately

The online auction and sales giant eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.

The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.

eBay says that no unauthorized transactions have yet been made with the information. But if you’re an eBay user, you still definitely need a new password.

“[C]hanging passwords is a best practice,” the statement said, “and will help enhance security for eBay users.”

In the statement, which was unsigned, eBay said that the attack took place between late February and early March. Though the passwords that the hackers gained access to were encrypted, or obscured by a code to prevent easy reading, eBay did say that the hackers were able to access members’ names, email addresses, physical addresses, phone numbers, and dates of birth. 

The real takeaway from this: Change your eBay password (go to My eBay and open the Personal Information link you’ll see on the left). If you use the same password on multiple sites, you’ll need to change those passwords, too, should the hackers successfully break the encryption.

And if you’re looking for a strong new password, now is a good time torevisit our guide to creating secure passwords on all your online accounts. 

Read More