There are news reports of new Wordpress XML-PRC brute force attacks being seen in the wild. The SANS Internet Storm Center also has a Diary entry showing similar data. We have captured similar attacks in our web honeypots so we wanted to share more data with the community. Please reference earlier blog posts we have done related to Wordpress:
- Wordpress XML-RPC Pingback Vulnerability Analysis
- Defending Wordpress Logins from Brute Force Attacks
Thanks goes to my SpiderLabs Research colleague Robert Rowley for help in validating data for this blog post.