Happy Holidays from the hackers!
There are some scary bad guys out there playing with security on websites. Sites that use mysql databases – which includes all wordpress, drupal and shopping systems – have some very real new security risks.
http://www.securityweek.com/security-researcher-releases-batch-mysql-vulnerabilities
WHAT DOES THIS MEAN?
Researchers who have tested the vulnerabilities themselves state that all of them require that the system administrator failed to properly setup the MySQL server, or the firewall installed in front of it. Yet, they admit that the disclosures are legitimate, and they need to be fixed.
Shared hosting servers often give subscribers access to click a button to install mysql…
How well is that install configured?
If you are shopping online – 1) BE VERY CAREFUL! 2) Do not click links in emails EVER! 3) If there is something you want to buy – go directly to the web address of a trusted vendor. 4) Carefully monitor your creditcards!
If you have a website you run – we hope you know what you are doing and that you have strong passwords for all users and pay attention to permissions, only use pluggins and modules published by vendors and developers you trust.