widespread "brute force" attack against WordPress
Do you have a WordPress account ? If so, I wanted to let you know about an attack on WordPress sites that started earlier this week, and what you can do to protect yourself.
On Tuesday, a widespread "brute force" attack against WordPress started impacting sites across the internet. This attack is leveraging a botnet, which looks to have more than one hundred thousand different computers at its disposal. Its intent is very simple: to find and compromise WordPress sites with simple passwords, likely to use them later to distribute malware (and further increase the size of the botnet).
Also, and can't stress this enough, I urge you to check your WordPress password and make sure it's a strong one. The strong password guidelines in our Knowledgebase refer to your WP account password, but that advice is good for WordPress passwords, too!
Be vigilant against a returning or altered attack. You could be next. Please keep all your passwords strong and change them often.