<div dir="ltr">Just FYI for others who may not have been alerted yet.<br clear="all"><div><div dir="ltr"><div><br>...Skeeve</div><div><br></div><div><div><b style="font-size:13px;font-family:Calibri">Skeeve Stevens - </b><span style="font-size:13px;font-family:Calibri">eintellego Networks Pty Ltd</span></div>
<div><div><span style="font-family:Calibri;font-size:13px"><a href="mailto:skeeve@eintellegonetworks.com" target="_blank">skeeve@eintellegonetworks.com</a> ; <a href="http://www.eintellegonetworks.com/" target="_blank">www.eintellegonetworks.com</a></span><font><p style="font-family:Calibri;font-size:13px;margin:0px">
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; <a>skype://skeeve</a></p><p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://facebook.com/eintellegonetworks" target="_blank">facebook.com/eintellegonetworks</a> ; <a href="http://twitter.com/networkceoau" target="_blank"></a><a href="http://linkedin.com/in/skeeve" target="_blank">linkedin.com/in/skeeve</a> </p>
<p style="font-family:Calibri;font-size:13px;margin:0px"><a href="http://twitter.com/theispguy" target="_blank">twitter.com/theispguy</a><span style="color:rgb(0,0,0)"> ; blog: </span><a href="http://www.theispguy.com/" target="_blank">www.theispguy.com</a><br>
</p><p style="font-family:Calibri;font-size:13px;margin:0px"><img src="http://eintellegonetworks.com/logos/ein09.png"><br></p><p style="margin:0px"><span style="color:rgb(127,0,127);font-family:Calibri,sans-serif;font-size:13px">The Experts Who The Experts Call</span></p>
</font></div><div style="font-family:Calibri,sans-serif;font-size:14px;color:rgb(127,0,127)"><span style="color:rgb(0,32,96);font-size:13px">Juniper - Cisco </span><span style="color:rgb(0,32,96);font-size:13px">- Cloud</span><span style="color:rgb(0,32,96);font-size:13px"> </span><span style="color:rgb(0,32,96);font-size:13px">- Consulting</span><span style="color:rgb(0,32,96);font-size:13px"> </span><span style="color:rgb(0,32,96);font-size:13px">- IPv4 Brokering</span></div>
</div></div></div></div>
<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">cert australia</b> <span dir="ltr"><<a href="mailto:info@cert.gov.au">info@cert.gov.au</a>></span><br>Date: Thu, Jul 10, 2014 at 11:59 AM<br>
Subject: WordPress site xxx participating in DDoS [OPS-28294]<br>To: xxx, cert australia <<a href="mailto:info@cert.gov.au">info@cert.gov.au</a>><br>Cc: CERT Australia <<a href="mailto:info@cert.gov.au">info@cert.gov.au</a>><br>
<br><br><u></u>
<div><table border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody><tr>
<td align="center" bgcolor="#c7c7c7">
<table style="margin:0 10px" border="0" cellpadding="0" cellspacing="0" width="640">
<tbody><tr><td height="20" width="640"></td></tr>
<tr>
<td width="640">
<table bgcolor="#FFFDFC" border="0" cellpadding="0" cellspacing="0" width="640">
<tbody><tr>
<td width="15"></td>
<td align="left" valign="middle" width="350">
<table border="0" cellpadding="0" cellspacing="0" width="350">
<tbody><tr><td height="8" width="350"></td></tr>
</tbody></table>
<div><span>Computer Emergency Response Team Australia</span></div>
<table border="0" cellpadding="0" cellspacing="0" width="350">
<tbody><tr><td height="8" width="350"></td></tr>
</tbody></table>
</td>
<td width="30"></td>
<td align="right" valign="middle" width="255">
<table border="0" cellpadding="0" cellspacing="0" width="255">
<tbody><tr><td height="8" width="255"></td></tr>
</tbody></table>
<table border="0" cellpadding="0" cellspacing="0">
<tbody><tr>
</tr>
</tbody></table>
<table border="0" cellpadding="0" cellspacing="0" width="255">
<tbody><tr><td height="8" width="255"></td></tr>
</tbody></table>
</td>
<td width="15"></td>
</tr>
</tbody></table>
</td>
</tr>
<tr>
<td align="center" bgcolor="#FFFDFC" width="640">
<div style="text-align:center" align="center">
<a href="https://www.cert.gov.au" target="_blank">
<img label="Header Image" src="cid:wordpress_pingback_banner" style="display:inline" align="top" border="0" width="640">
</a>
</div>
</td>
</tr>
<tr><td bgcolor="#ffffff" height="30" width="640"></td></tr>
<tr><td bgcolor="#ffffff" width="640">
<table align="left" border="0" cellpadding="0" cellspacing="0" width="640">
<tbody><tr>
<td width="30"></td>
<td width="580">
<u></u>
<u></u>
<table border="0" cellpadding="0" cellspacing="0" width="580">
<tbody><tr>
<td width="580">
<div align="left">
<u></u>
<p>Hello,</p>
<p>Your website has been reported as participating in a Distributed Denial of Service (DDoS) attack on another website.</p>
<p>The website affected is: xxx</p>
<p>If you have already dealt with this issue or the details above are incorrect, please disregard this notice.</p>
<p>A recent vulnerability in all versions of WordPress has been identified, which allows a remote attacker to abuse WordPress websites to conduct attacks on other websites.</p>
<p>The WordPress vulnerability relates to a legitimate piece of functionality, known as XML-RPC, which is turned on by default and provides some legitimate, however often unused functionality such as pingback and mobile phone remote access.</p>
<p>As the functionality is legitimate yet this website has been abused to conduct attacks, we strongly suggest you assess the requirement for this WordPress functionality, and if unused please consider turning the feature off.</p>
<p>For further technical details on how to protect your WordPress website, or for news articles on the attack, please refer to the following links, or simply google the phrase "Wordpress DDoS".</p>
<ul>
<li><p><a href="http://arstechnica.com/security/2014/03/more-than-162000-legit-wordpress-sites-abused-in-powerful-ddos-attack/" target="_blank">http://arstechnica.com/security/2014/03/more-than-162000-legit-wordpress-sites-abused-in-powerful-ddos-attack/</a></p>
</li>
<li><p><a href="http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html" target="_blank">http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html</a></p>
</li>
<li><p><a href="http://labs.sucuri.net/?is-my-wordpress-ddosing" target="_blank">http://labs.sucuri.net/?is-my-wordpress-ddosing</a></p></li>
</ul>
<u></u>
</div>
<p align="left"><u></u>Contact<u></u></p>
<div align="left">
<u></u>
<p>If you require further information or assistance, please visit our website or contact us directly.
</p>
<p><font color="#2A457A">
<b>CERT Australia <br>Attorney-General's Department
</b></font></p>
<p>
Phone: 1300 172 499 or +61 2 6141 2999 <br>
Email: <a href="mailto:info@cert.gov.au" target="_blank">info@cert.gov.au</a> <br>
Web: <a href="http://www.cert.gov.au/" target="_blank">www.cert.gov.au</a> <br>
</p>
<u></u>
</div>
</td>
</tr>
<tr><td height="10" width="580"></td></tr>
</tbody></table>
<u></u>
<u></u>
</td>
<td width="30"></td>
</tr>
</tbody></table>
</td></tr>
<tr><td bgcolor="#ffffff" height="15" width="640"></td></tr>
<tr>
<td width="640">
<table bgcolor="#000000" border="0" cellpadding="0" cellspacing="0" width="640">
<tbody><tr><td width="30"></td><td height="30" width="360"></td><td width="60"></td><td width="160"></td><td width="30"></td></tr>
<tr>
<td width="30"></td>
<td valign="top" width="360">
<span><p align="left"><span></span></p></span>
<p align="left"><u></u>Protecting Our National Interests Online<u></u></p>
</td>
<td width="60"></td>
<td valign="top" width="160">
<p align="right"></p>
</td>
<td width="30"></td>
</tr>
<tr><td width="30"></td><td height="15" width="360"></td><td width="60"></td><td width="160"></td><td width="30"></td></tr>
</tbody></table>
</td>
</tr>
<tr><td height="60" width="640"></td></tr>
</tbody></table>
</td>
</tr>
</tbody></table></div>
</div><br></div>