Hacked Reuters blog appears still unpatched

Site still running a vulnerable version of WordPress.

News service Reuters appears to still be running the same outdated version of WordPress that allowed its blogging platform to be compromised by attackers last week.

Attackers published fake blog posts on Friday, including a purported interview with the leader of the Free Syrian Army.

Mark Jaquith, one of the lead developers behind WordPress, told The Wall Street Journal that Reuters had been running version 3.1.1 instead of the latest version, 3.4.1. There are at least 20 reported vulnerabilities in version 3.1.1.

While blogs.reuters.com was taken offline shortly after the attack, the site is again operational. But it may still be running a vulnerable version.

Following a tweet Tuesday by security blogger Brian Krebs, SC analysed the HTML source of the Reuters blog site and found, in the page's head section, the generator meta tag that WordPress emits by default, identifying the page as generated by WordPress version 3.1.1. The tag is evidence rather than proof: a site can remove or alter it, so its absence would not have shown the installation to be patched, but its presence with an old version number is a strong indication that the core had not been updated.
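The check described above, done by hand on the Reuters page, is easy to automate. The following is an added example and is not code from the original article or from WordPress: it parses the default generator meta tag out of a page's HTML, compares the advertised version against a reference release (here 3.4.1, the version the article names as current), and treats a missing tag as "unknown" rather than "patched", since the tag is trivially removed with remove_action('wp_head', 'wp_generator') or spoofed. The sample HTML is constructed for the example and is not the Reuters page.

```python
"""Check a page's WordPress generator tag against a known-current release.

Added example, not code from the article or from WordPress. It assumes the
page still carries WordPress's default generator meta tag; a site that has
removed or altered that tag yields None, which is not evidence of patching.
"""
import re
from html.parser import HTMLParser
from typing import List, Optional, Tuple

# Constructed sample of a WordPress page head, modelled on the default output
# of the wp_head() hook. This is not the Reuters page.
SAMPLE_HEAD = """<!DOCTYPE html>
<html><head>
<meta charset="UTF-8" />
<title>Example blog</title>
<link rel="stylesheet" href="/wp-content/themes/example/style.css" />
<meta name="generator" content="WordPress 3.1.1" />
</head><body></body></html>"""

# The release the article names as current at the time of writing.
LATEST_AT_TIME_OF_ARTICLE = "3.4.1"


class _GeneratorTagParser(HTMLParser):
    """Collect the content attribute of every <meta name="generator"> tag."""

    def __init__(self) -> None:
        super().__init__()
        self.generators: List[str] = []

    def handle_starttag(self, tag: str, attrs) -> None:
        if tag.lower() != "meta":
            return
        attributes = {k.lower(): (v or "") for k, v in attrs}
        if attributes.get("name", "").lower() == "generator":
            self.generators.append(attributes.get("content", ""))


def wordpress_version(html: str) -> Optional[str]:
    """Return the WordPress version a page advertises, or None if no tag.

    None means the tag is absent, not that the site is up to date: the tag
    can be removed with remove_action('wp_head', 'wp_generator') or spoofed.
    """
    parser = _GeneratorTagParser()
    parser.feed(html)
    for content in parser.generators:
        match = re.match(r"WordPress\s+(\d+(?:\.\d+)*)", content.strip())
        if match:
            return match.group(1)
    return None


def _as_tuple(version: str) -> Tuple[int, ...]:
    """Turn '3.1.1' into (3, 1, 1) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def is_outdated(advertised: str, latest: str) -> bool:
    """True if the advertised version is older than the reference release."""
    return _as_tuple(advertised) < _as_tuple(latest)


def assess(html: str, latest: str = LATEST_AT_TIME_OF_ARTICLE) -> str:
    """One-line verdict suitable for a monitoring check."""
    found = wordpress_version(html)
    if found is None:
        return "no generator tag: version unknown (not proof of patching)"
    if is_outdated(found, latest):
        return f"outdated: {found} < {latest}"
    return f"current: {found}"


if __name__ == "__main__":
    print(assess(SAMPLE_HEAD))
```

The version comparison is done on integer tuples rather than strings so that, for example, 3.10 sorts after 3.9; in practice a real check would fetch the reference version from the WordPress API rather than hard-coding it, and would also inspect readme.html and the RSS feed's generator element, which leak the version by the same mechanism.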

WordPress developers have implemented update notifications in the admin dashboard and a one-click core updater to help users stay in line with the latest security patches.

Considering how easy it is to update the core WordPress installation, the fact that Reuters came back online with outdated software is surprising.

The company did not respond to a request for comment.

"Updating the software you use is a basic step in improving your security posture, yet too often we see evidence of a lack of execution in this area," Rapid7 security researcher Marcus Carey said.

Attackers originally broke into the blog platform and published fake news stories on Friday.

One of the fake stories published on the blog platform was an alleged interview with Riad Al-Assad claiming the Free Syrian Army was withdrawing from Aleppo, the nation's largest city and a key battleground in the fight between rebels and regime forces.

A follow-up attack came on Sunday, when attackers took control of the @ReutersTECH Twitter account and posted 22 different messages, such as reports of a rebel exodus from Aleppo and claims that the United States was providing financial and technical support to Al-Qaeda operatives in Syria.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition