web analytics

Geeky KOOL Hacked by Word Press Security Flaw

This morning, I woke up to find Geeky KOOL had been hacked.  My post with the Stranger Things 2 trailer had been changed with a message that we had been hacked.  I hate when people are malicious just to be malicious.

I was angry about this change. I immediately went into fixing it mode. I forced updated all the staff passwords. I contacted my system administrator for him to look into it.

A friend of mine, Jeff Morrissey, pointed me to an article from DarkReading.com about a Word Press vulnerability.  It was located in the REST API in WordPress 4.7.

The current update for Word Press is 4.7.2.  Geeky KOOL had not been updated since 4.7.  This was my fault. It is my responsibility to have Word Press updated by our system admin.

Word Press put out the update but didn’t publicly disclosure of a vulnerability right away.  They kept it quiet.  When it was announced, I didn’t know about the vulnerabilities.  I didn’t know about the security issue until it directly affected me.

The security update fixed a serious code injection vulnerability in its CMS.  This could and did allow an  unauthorized attacker to alter my post.

Since we ran the update of 4.7.2. to Geeky KOOL, we haven’t had another further unauthorized changes to Geeky KOOL.  Let this be a lesson to all of us. Take the time to update when those pesky updates pop up.

(Via Dark Reading)

Stay Geeky My Friends!

Print Friendly, PDF & Email
This entry was posted in Geek, Internet, Kool. Bookmark the permalink.
Trackbacks are closed, but you can post a comment.

Post a Comment

You must be logged in to post a comment.

We're sorry, but it looks like you're using an older browser that is not supported by our site.
To properly view our site, please upgrade by clicking on one of the links below.

Internet Explorer   |    Google Chrome   |    Mozilla Firefox