162,000 WordPress instances abused for DDoS attack

The discovery was made by security firm Sucuri that counted more than 162,000 legitimate WordPress sites. The attack targets the XML-RPC implemented by web sites running WordPress and many other Web applications that offer services such as pingbacks, trackbacks, and remote access to some users. A similar attack is considerable as an application DDoS conducted with ISO/OSI application layer requests, exactly like HTTP DDoS attack, but its magnitude is significantly lower respect DNS amplification DDoS attacks or an NTP based DDoS.”]

Source: https://securityaffairs.co/wordpress/23005/hacking/162000-wordpress-instances-abused-ddos-attack.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text