Automattic, the company behind the WordPress.com platform experienced a low-level break-in to several of its servers.
Although at this moment, there haven’t any information about the extend of this incident, as the Automattic’s people are still doing investigation.
If your blog is located in the wordpress.com domain, you may want to follow the suggestions offered by the WordPress about the security fundamentals located in the link mentioned above.
I just found out about the vulnerability in Snort DCE/RPC Preprocessor. This preprocessor is vulnerable to a stack-based buffer overflow that could potentially allow attackers to execute code with the same privileges as the Snort binary.
It affected the followings :
- Snort 2.6.1, 220.127.116.11, and 18.104.22.168
- Snort 2.7.0 beta 1
- Open-source Snort 2.6.1.x users are advised to upgrade to Snort 22.214.171.124 (or later) immediately.
- Open-source Snort 2.7 beta users are advised to mitigate this issue by disabling the DCE/RPC preprocessor in snort.conf file. This issue will be resolved in Snort 2.7 beta 2.