Two security problems that have an impact on the searchenginemarket have become public in the last few days: Google did not secure their Cookie-management sufficiently enough and SEO-Uberbloggers from the USA have to deal with a scriptkiddy that is exploiting a bug in the popular WordPress blogsystem.
For a few days now, for its Blogger.com Google is offering the option to directly deliver the pages through a change in the DNS-entry of the domain to Google instead of sending the administered blogs through FTP to the owners domain. Google Blogoscoped has noticed that this domain, which has to be registered, is not being verified. This meant he just had to register a Google-subdomain and was then able read out the visitors cookies, which are bound to the domain due to security concerns, without any problems. This led to parts of the Googleaccount being compromised since Google records account data in the cookies so that the users does not always have to sign in again. Google quickly reacted and got rid of the security hole.
It is well known that popular and often used software is under special observation by
hackers crackers. This time it was WordPress who was targeted once again. It seems that a scriptkiddy has taken a list of the largest US-SEO-blogs and checked which of those were using WordPress. At those sites he applied his remote-exploit and changed the startpage a little. We can assume that this is , once again, enabled by variables that are not secured. The installation of mod_security and hardened php should help most of the times, even though it will not be able to something like this from happening at all.