Blog Archives

Countering WordPress XML-RPC Attacks with fail2ban

banned

In my last post I began inquiring into the WordPress XML-RPC attacks I’ve been sustaining here on the site. Since then I’ve been further studying the threat and experimenting with responses, and I have now developed working countermeasures and cast

Posted in Network Security, Web Security

Sustaining WordPress XML-RPC Attack Traffic

XML-RPC Attack Traffic

I’ve been experiencing the same increased frequency of attacks against WordPress’ integrated XML-RPC service in recent months as reported by many other site operators. The attacks have been covered well elsewhere, but I wanted to chronicle what I’m seeing and

Posted in Network Security, Web Security

Android Device Manager Does Not Work in Internet Explorer

adm_x_ie

[Edit: As of July 11th it looks like this has been fixed. Android Device Manager is working in Internet Explorer 11 again in my testing. Original discussion follows.] Last night I flashed my phone up to CyanogenMod 11 M8, and

Posted in Android, Mobile Security

TrueCrypt: What Happened, What It Means, and What Happens Now

truecrypt_flames

Based on the sum of the evidence that’s now filtered in, and in the consensus view of experts, the primary cause of the TrueCrypt crisis of the last few days was developer fatigue. After 10 years of thankless work developing

Posted in Encryption

Something Rotten Has Occurred in TrueCrypt Land

An extremely significant event affecting TrueCrypt has occurred. It is not yet clear whether it is legitimate or a hoax, and if legitimate, what it means. The truecrypt.org web site has been redirected to a sourceforge landing page advising that

Posted in Encryption

Process Explorer 16.0 Adds VirusTotal Integration

procexp

Author Mark Russinovich just dropped version 16.0 of Sysinternals procexp, an indispensable utility that displays a tree view of every process on a Windows system along with its resource consumption. Procexp’s visual representation of the activity on a system is

Posted in Host Security, Performance, Windows

CyanogenMod Breaks New Ground on Mobile Privacy

CyanogenMod

While Google, Microsoft, Apple and Facebook are busy bending knee to their government handlers and/or telling marketing departments what color underwear you have on, the incredibly smart and capable developers of the CyanogenMod aftermarket Android distribution are cooking up compelling

Posted in Android, Encryption, Mobile Security, Privacy

Windows XP End Of Support Life Coming Soon

XP EOSL

As a reminder, Windows XP will officially reach EOSL (End Of Support Life) on April 8, 2014, a milestone in the making for over a decade, finally coming up a little over eight months from now. On this date, Microsoft

Posted in Windows

TrueCrypt Container Sizing for Optical Media

One of the most consistently referenced articles here is my procedure for preparing and burning encrypted CDs with TrueCrypt. It ranks highly on Google for “truecrypt cd” and “truecrypt dvd”, so those referred are often searching for the best TrueCrypt

Posted in Encryption

TrueCrypt 7.1a Released

A minor update to the TrueCrypt free open-source disk encryption tool arrived today, version 7.1a, some five months since the release of the previous stable version. I have upgraded several systems to the new version without issue, including two laptops

Posted in Encryption
Top