I’ll pull together a fuller write up over the course of this week, but in the meantime, here are some photographs: http://flickr.com/photos/craigmurphy/sets/72157609886748188/…
Blogs / The Social Programmer — Craig Murphy: author, blogger, community evangelist, developer, speaker
View all »
Latest posts
-
DDD7 Some photographs
http://www.craigmurphy.com/blog/?p=980 -
DDD7 - Please give us your feedback!
http://www.craigmurphy.com/blog/?p=978DDD7 feedback is now open: http://www.developerday.co.uk/ddd/feedback.asp Technorati Tags: DDD, DDD7, Feedback…
-
Antivirus 2009 seems to doing the rounds…
http://www.craigmurphy.com/blog/?p=974A colleague brought his XP-based laptop into the office today. Through a quirk of fate, Antivirus 2009 had managed to install itself. It’s a pretty swish looking piece of malware that looks very much like leading anti-virus programs, even giving you the feel-good factor that it has found infected files and has cleaned them for you. …
View all »
156 blog reactions
-
WordPress 2.7 RC 1
http://blog.caspie.net/2008/12/02/wordpress-27-rc-1/вградената функция за обновяване на платформата. Още информация по проблема WordPresz: WordPresz от адаша Peter Westwood (WordPress Lead Dev) WordPresz 2.6.4 - fake? от Craig Murphy Fake site punts Trojanised WordPress от The Register Вижте как изглежда хакнатия Dashboard
-
We Heart Wordpress
http://www.weheartwp.comthat appears to be legitimate, but in fact does something malicious. All users of WordPress should check their sites and make sure they haven’t been tricked into upgrading to version 2.6.4. If you have been tricked, this article tells you how to clean up the mess. Wordpress itself has released 2.6.5 (skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 and it fixes one security problem and three bugs. They are recommending everyone upgrade to this release.
-
Is my blog running on a virus?
http://mskempster.com/2008/11/is-my-site-running-a-virus/but need to check with WordPress.org pretty darn fast. More on the fake version - “The new PHP contains call backs to the Fake WordPress site and looks to be stealing credentials.” - Baccas reports. Also, The Register has it covered as well as Craig Murphy.
-
Wordpress update to 2.6.5
http://wgmcn.com/blog/wordpress-update-to-265.html伪造的含有木马的WordPress 2.6.4流传出来,所以才直接跳过此版本直接到2.6.5。 更新改进(via): 修正一个基于虚拟主机的可能会引发跨站攻击的Bug 防止日志元信息意外地写入到修订版本之中
-
WordPress 2.6.5 Released!
http://www.saphod.net/2008/11/26/wordpress-265-released/The authors of WordPress point out that there is not and never will be a version 2.6.4! This is mentioned due to a fake WordPress version 2.6.4 that made the rounds. You can read more about that fake version on Craig Murphy’s blog. Tags: bugfix | release | security | wordpress
-
WordPress 2.6.5 is not fake atleast …
http://hobbypress.wordpress.com/2008/11/26/wordpress-265-is-...Now what is this fake wordpress thing ? If you don’t know check out this post by Peter Westwood one of the Lead Developers of WordPress titled WordPresz [It seems there has been an attempt recently to distribute a trojaned version of WordPress via some form of phishing scam. It seems this attack relied on exploiting an old version of WordPress which had not been upgraded and changing it to point at a different site for one of the dashboard feeds. The site was then offering a trojaned
-
Decoding wp-admin/js/revisions-js.php easter egg
http://www.greebo.net/2008/11/25/decoding-wp-adminjsrevision...The code is so obscure, that no static analysis tool can inspect it, or security auditor would normally take the time out to look at it, and yet it may contain an XSS or DOM injection, or it may contain malware if the download is corrupted, or a fake version comes out. I really wish that folks who think this sort of thing is necessary really stop to think about the amount of time it took them to craft this particular gem It would be best to delete this - and every other WP easter egg - now before it infects any
-
如果用IP地址能访问到你的WP blog,请立即更新WordPress到2.6.5
http://www.awflasher.com/blog/archives/1602值得一提的是,由于之前曾经有一版伪造的含有木马的WordPress 2.6.4流传出来,官方决定跳过这个版本号。请看截图: 关于WordPress 2.6.4的诈骗,这里有非常详细的图文说明。本周热点:
-
The Morning Brew #222
http://blog.cwa.me.uk/2008/11/13/the-morning-brew-222/Community DDD Scotland 2 - 2nd May 2009 - Criag Murphy announces the dates for DeveloperDeveloperDeveloper Day Scotland’s second event. DDD is a great free event (I’ve attended the Reading based event a number of times), and I hope to attend the Scottish incarnation this time round.
Top Tags
What this blog is about
