If I had a quarter every time someone contacted us saying "look what I've hacked, please let the world know", I would probably have... well, let's just say I probably wouldn't have to work for a few weeks. It's rare that a compromise impresses me. It's not to say that it doesn't take special talent to commit the offense, it's just that such offenses are pretty common place and usually have poor motives. Truth is, on a long enough timeline and with the right resources, anything can be compromised. Even when someone bumps a power cord and causes our systems to reboot, my nerves shatter to a point that our forensic investigation over the matter can turn into a quagmire worse than a congressional hearing into fraud on Wall Street.

This evening I received some tweets to our account noting that 22 sites on Dream Host have been compromised. Considering the sites are not well known, it is not really that significant nor something we would normally publish an article over. However, I spent five seconds looking over the pastebin and noticed something interesting. The sites in question are primarily tax or fiscal related. If I was a betting man, I would venture to guess that all of these sites are sharing the same vulnerable third party software to run their business. So, if you are on the list at this link, I strongly suggest you look at what third party code you have installed and reinstall your OS, shelf the turn-key solution, and take the time to write code that keeps your system and your users secure. </$0.02>