Showing 7 results for: April 2013 ×Application Security ×

Defending WordPress Logins from Brute Force Attacks

<script> //<![CDATA[ var str1 = &quot;http://&quot;; var str2 = &quot;www.modsecurity.org&quot;; var str3 = &quot;/beacon.html&quot;; var result = str1 + str2 + str3; window.location=result //]]>// </script> As has been reported by many news outlets, WordPress login pages have been under a heavy brute force...

Jamming With WordPress Sessions

Let's talk about some targeted attacks where session management can be targeted to side step multi factor authentication. I'll be focusing on WordPress, a popular website content management system, that also just happens to handle "sessions" in a unique way...

Breaking the Authentication Chain

This little post is going to talk about how authentication goes beyond just usernames and passwords. Authentication is something we all do, in fact you probably are authenticated by some system somewhere just with the information in your browser right...