Blog Archives

One More Check In on WordPress XML-RPC Fail2ban Traps

XML-RPC Attack Traffic

Just putting out an updated chart showing how this has performed through several additional months of operation. I’ve previously covered what’s happening here in detail when I began to sustain a high volume of attacks, when I implemented the fail2ban

Posted in Network Security, Web Security, WordPress

How To Deploy MVPS HOSTS File on an Android Phone

Confirming superuser

I have replaced the default HOSTS file on my Android device with the MVPS HOSTS file, a blacklist for blocking advertising, tracking and malware-distributing server names. Installing this blacklist confers the same browsing security, privacy, and performance benefits on my

Posted in Android, Mobile Security, Privacy

Checking in on the Performance of WordPress XML-RPC Attack Countermeasures

XML-RPC Attack Traffic

Following up on my deployment of WordPress XML-RPC attack countermeasures a few months ago, let’s have a look at how effectively the traps have performed in live operation in the intervening time.

Posted in Network Security, Web Security, WordPress

Countering WordPress XML-RPC Attacks with fail2ban

banned

In my last post I began inquiring into the WordPress XML-RPC attacks I’ve been sustaining here on the site. Since then I’ve been further studying the threat and experimenting with responses, and I have now developed working countermeasures and cast

Posted in Network Security, Web Security, WordPress

Sustaining WordPress XML-RPC Attack Traffic

XML-RPC Attack Traffic

I’ve been experiencing the same increased frequency of attacks against WordPress’ integrated XML-RPC service in recent months as reported by many other site operators. The attacks have been covered well elsewhere, but I wanted to chronicle what I’m seeing and

Posted in Network Security, Web Security, WordPress

Android Device Manager Does Not Work in Internet Explorer

adm_x_ie

[Edit: As of July 11th it looks like this has been fixed. Android Device Manager is working in Internet Explorer 11 again in my testing. Original discussion follows.] Last night I flashed my phone up to CyanogenMod 11 M8, and

Posted in Android, Mobile Security

TrueCrypt: What Happened, What It Means, and What Happens Now

truecrypt_flames

Based on the sum of the evidence that’s now filtered in, and in the consensus view of experts, the primary cause of the TrueCrypt crisis of the last few days was developer fatigue. After 10 years of thankless work developing

Posted in Encryption

Something Rotten Has Occurred in TrueCrypt Land

An extremely significant event affecting TrueCrypt has occurred. It is not yet clear whether it is legitimate or a hoax, and if legitimate, what it means. The truecrypt.org web site has been redirected to a sourceforge landing page advising that

Posted in Encryption

Process Explorer 16.0 Adds VirusTotal Integration

procexp

Author Mark Russinovich just dropped version 16.0 of Sysinternals procexp, an indispensable utility that displays a tree view of every process on a Windows system along with its resource consumption. Procexp’s visual representation of the activity on a system is

Posted in Host Security, Performance, Windows

CyanogenMod Breaks New Ground on Mobile Privacy

CyanogenMod

While Google, Microsoft, Apple and Facebook are busy bending knee to their government handlers and/or telling marketing departments what color underwear you have on, the incredibly smart and capable developers of the CyanogenMod aftermarket Android distribution are cooking up compelling

Posted in Android, Encryption, Mobile Security, Privacy
Top