Over the past 3-4 days there has been a widespread, distributed attack on WordPress sites according to this article by TechCrunch.
The attacks use bots to attempt a brute force attack on WordPress installations using the default “admin” username and a dictionary of passwords.
Many websites, including ours, run on WordPress. It is recommended that you use a different administrative username and a strong password. Even if you are using a different administrative username, you should still use a strong password. See our article – 5 Tips To Help You To Secure and Manage Your Passwords – on tips for strong password creation.
The attacks have died down over time, and many ISPs have put in measures to secure their users. Our ISP put out this notice yesterday. But this is no reason to relax. Security is about eternal vigilance, and you can bet that the next wave is coming.