[General] Exploit Rumblings
Tuesday, January 15th, 2008 - General
I am reading a lot of rumblings in some blogs and forums on the Internet about a new type of exploit that is running rampant on the Internet these days. Unfortunately all of this information is jumbled together and I think multiple exploits are being discussed where parties involved in the discussion are confusing one exploit for another. There just doesn’t seem to be any definitive way to identify the exploit or how to stop it. Some discussion is centered around whether or not this is a real exploit or just accounts using weak passwords.
At any rate, this is probably a good time to stress the importance of keeping your scripts up-to-date with their development. This is why it is so very important that you keep your scripts up-to-date and do not lag behind in updating your scripts. If there is an exploit, it may be taking advantage of a known vulnerability in a script or application, if you’re not running the latest version of that script or application, then you may be vulnerable to this exploit.
This is also a good time to stress the importance of using a good strong password for anything associated with your account. A weak password might be easier to remember, but it is also easier for a hacker or malicious user to guess. If you are using a weak password and someone is able to guess that password, then you have effectively opened up the entire account to allow that user to perform whatever tasks they desire on your account. They could delete the files on your account, inject the account with a virus or malicious code, or some other malicious action.
Steven