
Scans for Vulnerable WordPress Plugins

This morning one of my web sites was scanned for all 25 of these WordPress plugins. I’m not exactly sure what they are vulnerable to (looking around the web it looks like they can be used to add programs to your web site), but you should confirm that if your site is using one of these plugins, you have the most recent version installed.



More Vulnerability Attack Scans

For the past several hours I’ve been attacked (41,322 times and counting!) by many different IP addresses (95 at last count, including a bunch using Amazon Web Services (amazonaws)) looking for many different URLs. They are searching for the broken timthumb.php script, as well as 5a3c2f91dc7ccef6724e602c0d391659.php or 6c8fd79d31461e644cbf23026ff5d19a.php, which is apparently an app to give the world the ability to execute commands on your web server via the web. I’ll post more details if I can figure out how to present them in a useful manner.
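The probe paths named above can be pulled straight out of an ordinary web server access log. The following is an added example, not code from this post, that parses combined-format log lines, counts hits per client address and per probed file name, flags addresses at or above a threshold as block-list candidates, and, the check that matters most, lists any probed path that answered 200 rather than 404, since a 200 means the file really is on the server. The log lines are constructed (RFC 5737 documentation addresses), the threshold of three is arbitrary, and the three file names are the ones the post reports.

```python
import re
from collections import Counter

# Apache "combined" format (also nginx's default); only the fields up to the
# response size are needed here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]+" '
    r'(?P<status>\d{3}) \S+'
)

# File names the post reports being probed for.
PROBE_FILES = {
    "timthumb.php",
    "5a3c2f91dc7ccef6724e602c0d391659.php",
    "6c8fd79d31461e644cbf23026ff5d19a.php",
}

def parse_line(line):
    """Return ip/path/status for one log line, or None if it does not
    match the combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ip": m.group("ip"), "path": m.group("path"),
            "status": int(m.group("status"))}

def probe_name(path):
    """Lower-cased final path segment with any query string removed, so
    /themes/x/TimThumb.php?src=... and /timthumb.php compare equal."""
    return path.split("?", 1)[0].rsplit("/", 1)[-1].lower()

def scan_log(lines, threshold=3):
    """Summarise probe traffic: hit counts per IP and per probed file, the
    IPs at or above `threshold` probes (block-list candidates), the probed
    paths that answered 200 (the file exists on the server), and the number
    of lines that could not be parsed."""
    per_ip, per_file = Counter(), Counter()
    present, malformed = set(), 0
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            malformed += 1
            continue
        name = probe_name(rec["path"])
        if name not in PROBE_FILES:
            continue
        per_ip[rec["ip"]] += 1
        per_file[name] += 1
        if rec["status"] == 200:
            present.add(rec["path"].split("?", 1)[0])
    return {
        "per_ip": dict(per_ip),
        "per_file": dict(per_file),
        "block": sorted(ip for ip, n in per_ip.items() if n >= threshold),
        "present": sorted(present),
        "malformed": malformed,
    }

# Constructed sample log, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [29/Aug/2011:08:01:12 -0400] "GET /wp-content/themes/alpha/timthumb.php HTTP/1.1" 404 209 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Aug/2011:08:01:13 -0400] "GET /wp-content/themes/beta/timthumb.php?src=x HTTP/1.1" 404 209 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Aug/2011:08:01:14 -0400] "GET /5a3c2f91dc7ccef6724e602c0d391659.php HTTP/1.1" 404 209 "-" "Mozilla/5.0"
203.0.113.21 - - [29/Aug/2011:08:02:40 -0400] "GET /6c8fd79d31461e644cbf23026ff5d19a.php HTTP/1.1" 404 209 "-" "-"
203.0.113.21 - - [29/Aug/2011:08:02:41 -0400] "GET /wp-content/themes/gamma/TimThumb.php HTTP/1.1" 404 209 "-" "-"
203.0.113.21 - - [29/Aug/2011:08:02:42 -0400] "GET /wp-content/themes/delta/timthumb.php HTTP/1.1" 200 1583 "-" "-"
192.0.2.9 - - [29/Aug/2011:08:03:00 -0400] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
192.0.2.9 - - [29/Aug/2011:08:03:05 -0400] "GET /feed/ HTTP/1.1" 200 2200 "-" "Mozilla/5.0"
this line is not a log entry
"""

if __name__ == "__main__":
    report = scan_log(SAMPLE_LOG.splitlines())
    for key, value in report.items():
        print(f"{key}: {value}")
```

On a real server, pass an open file object instead of the sample (`scan_log(open("/var/log/apache2/access.log"))`). Anything in the `present` list deserves attention before the block list does: it is a path the scanners asked for that your server served.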

TimThumb.php Vulnerability Scans

Earlier today one of my web sites was scanned for the timthumb.php script. timthumb is a PHP script that fetches and resizes images for a site. The script is included in a lot of WordPress themes, such as the 332 themes listed at the bottom of this post. If you are using one of these themes, upgrade it, and confirm that timthumb has been upgraded to address its security problems.
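Confirming the upgrade means finding every copy of the script, because each theme on an install can carry its own. The following added example (not from this post or from the timthumb project) walks a directory such as wp-content, picks out copies of timthumb.php (and thumb.php, an assumed alternative name some themes use), reads the VERSION constant that upstream timthumb.php declares near its top (an assumption about how the bundled copies are laid out), and compares it numerically against a version you pass in, which should be the current release published by the project. The sample sources are constructed stand-ins, not the real script.

```python
import os
import re
import sys

# Upstream timthumb.php declares its version near the top of the file as
#   define ('VERSION', '2.8.x');
# Assumption: the copies bundled in themes keep that line.
VERSION_RE = re.compile(
    r"""define\s*\(\s*['"]VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)""")

# Names under which the script is found. timthumb.php is the upstream name;
# thumb.php is an assumed alternative that some themes rename it to.
CANDIDATE_NAMES = {"timthumb.php", "thumb.php"}

def timthumb_version(source):
    """Return the VERSION string declared in a timthumb source, else None."""
    m = VERSION_RE.search(source)
    return m.group(1) if m else None

def looks_like_timthumb(source):
    """Assumption: the upstream header comment names the script, so an
    unrelated thumb.php (no 'TimThumb' in its first few KB) is skipped."""
    return "timthumb" in source[:4000].lower()

def version_tuple(v):
    """'2.8.10' -> (2, 8, 10) so versions compare numerically ('2.8.10' is
    newer than '2.8.9', which a plain string comparison gets wrong)."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

def check_copy(source, latest):
    """Classify one file's contents against the `latest` known version.
    A timthumb copy with no VERSION line is reported as outdated: it cannot
    be verified, so it should be replaced."""
    if not looks_like_timthumb(source):
        return {"timthumb": False, "version": None, "outdated": False}
    ver = timthumb_version(source)
    outdated = ver is None or version_tuple(ver) < version_tuple(latest)
    return {"timthumb": True, "version": ver, "outdated": outdated}

def inventory(root, latest):
    """Walk `root` (e.g. wp-content) and report every timthumb copy found."""
    found = []
    for dirpath, _, files in os.walk(root):
        for fname in files:
            if fname.lower() not in CANDIDATE_NAMES:
                continue
            path = os.path.join(dirpath, fname)
            with open(path, encoding="utf-8", errors="replace") as fh:
                result = check_copy(fh.read(), latest)
            if result["timthumb"]:
                result["path"] = path
                found.append(result)
    return found

# Constructed sample sources (not the real script), for the demonstration.
SAMPLE_OLD = ("<?php\n/* TimThumb script, sample header */\n"
              "define ('VERSION', '1.25');\n")
SAMPLE_NEW = ("<?php\n/* TimThumb script, sample header */\n"
              'define("VERSION", "2.8.10");\n')
SAMPLE_OTHER = "<?php\n// an unrelated thumbnail helper\necho 'hi';\n"

if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit(f"usage: {sys.argv[0]} <wp-content dir> <latest timthumb version>")
    root, latest = sys.argv[1], sys.argv[2]
    for rec in inventory(root, latest):
        flag = "OUTDATED" if rec["outdated"] else "ok"
        print(f"{flag:9} {rec['version'] or '?':8} {rec['path']}")
```

Run it as `python timthumb_inventory.py /path/to/wp-content <latest version>` and replace every copy it marks OUTDATED, including ones whose version it could not read. A theme update alone is not enough if a child theme or a plugin ships a second copy.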


Domains to Block on August 29, 2011

The spam problem, while much better than it was a year ago, is still a problem. My SpamAssassin has received spam from all of these domains, in the last three weeks. I am not asserting that these domains have always been used for spam, or that they are now. But in August 2011 they were.


Capital One Database Problem?

Earlier today I received an email from Capital One asking me to “Take a moment to update your phone number, mail, and e-mail addresses.” The problem is the message was not addressed to me, but instead to someone else. And the line that says “Re: Your account number ending in xxxx” had four digits in place of the xxxx. They weren’t the last four digits of my account number. I think Capital One is having some major problems with their customer database.

I called them, and they denied there was a problem. I forwarded the note to them at abuse@capitalone.com. The links in the message were all at capitalone.com, so I don’t think it was a phishing attempt. And I use a unique email address whenever I register somewhere, so I don’t think the phishers could have used it to contact me.

Ultimate Category Excluder 0.8

Ultimate Category Excluder has been upgraded to version 0.8. You may download Ultimate Category Excluder from WordPress.org. The only change made was a new feature, which has been frequently asked for, to allow all categories to appear on the list of categories able to be excluded, even those categories which don’t have any posts yet.

Let me know of any problems you discover.

Should I Upgrade to Windows 7

One of my friends asked me: “I’m currently running my Gateway laptop on Windows Vista OS and I’ve been advised to upgrade to Windows 7. Does anyone have thoughts on the benefits or detriments of doing this? ”

The general advice I give for upgrades is: “Does (new system/app) do something that you really need that your (current system/app) can’t do?” If the answer is no, then don’t upgrade. For operating systems, wait until you get a new computer. Why do you need the upgrade? Who is recommending you upgrade? If it’s the guys at Best Buy or some other computer store, I’d guess they are more interested in taking your money than helping fulfill a need you are having.

My primary machine is an iMac, and it is running OS X 10.5, while 10.7 is due out in July. My laptop is actually running 10.4. They do what I need them to do. The new features in 10.6 are nice, but not enough to disrupt my current working processes. If it ain’t broke, don’t fix it.

Spam to Old Unique Email Addresses

Over the past two weeks I’ve started getting spam that was sent to various unique email addresses I had given to sites upon account registration. These sites include:

  • ShowCrew Network
  • Google Groups
  • Knight News Challenge
  • AirplayDirect.com
  • AuctionAds.com (originally an Ebay Ad System, now fallen into the clutches of an educational scammer)
  • washingtoncitypaper.com

While I don’t see any immediate connection between these companies, all of my registrations took place at least two years ago. I’d guess that either the spam-spiders have been making new efforts at leeching email addresses off of old websites, or all of these services were using some central system to manage their mailing lists and that system was compromised.

Loan Spam

I know I only decide on which banks I should use to grow my business based on the unwanted email messages they send out.

We Offer Private, Commercial and Personal Loans with Minimal annual Interest Rates of 3% within a 1year to 50years to any part of the world. Contact us via email at bennyloancompan-y0@bine-bine.com

Review of Moonlight Mahjong Lite

This version of mahjong is beautiful on the iPad, and once you’ve played a few games and learned how to expand and shrink the playing area, it is fun. But there are a couple of headaches that prevent the game from being as fun as it could be.

  1. Many of the levels have tiles hidden under other tiles in such a way that you can only see what they are by rotating the board nearly 90 degrees. It takes all of the fun out of the game by having to fight the game rather than being able to play the game. And the appearance of those layouts is random, sometimes they show up at level four, other times at level 11. Those levels would be acceptable if we were playing against another person, instead of the “clock” opponent. Or if there were a way to disable those levels when playing in “Scramble” mode.

  2. Sometimes tiles which are very close to the bottom of the pile are open, but there are shadows on them which hide their appearance.
  3. Also, how is the score calculated? On one game I got to a high level, but ended up with a lower score than when I didn’t get as high. I know the time bonus is a significant part of the final score; it just seems that the different tile layouts have a different base score. They also have a different number of matches, making strategy difficult. We should know up front that each set needs to be matched three times for example.

Suggestions:

  1. Add a hint button. Yes, we can hit the little thing in the bottom left to see how many matches there are remaining, but how about an option to highlight one of the two tiles in a remaining match? Maybe we forfeit the level’s speed bonus if we use the hint?
  2. Are the Game Center high scores hacked? 2.7 million points? Really!? What level is that? If it was a custom level, the scores shouldn’t be in the GameCenter.
  3. After the tilebot “wins” you should show the player the matches that were missed.

Overall, Moonlight Mahjong Lite is a fun game, but the levels with difficult-to-see tiles significantly hinder its enjoyment. I rated it “4 stars” on the iTunes Store.

The Moonlight Mahjong Lite version is free, with ads. The full version of Moonlight Mahjong is currently $0.99. Created by Midnight Martian (Apple Store link or their web site or on Twitter). (some of these are affiliate links, clicking them can earn me a referral fee.)