Right off the top, I want to say that I can't find a security section in this forum, so my apologies if this is the wrong section.
I"m fairly new to WP, and like it a lot, except that I hear sites are being hacked frequently, and as the subject says, I've been hacked as well. I run an assortment of plugins to scan and help prevent this sort of thing. Someone from an IP in Amsterdam managed to somehow create an account? Just a publishing account, but still they created an account. How is this possible? So far I haven't found any damage or even any hidden code. I've removed all uneeded plugins and the default themes.
My web logs shows the prick logging in somehow after some kind of hack, updating his profile and then logging out. I can add the web log entries if that helps.
What is the best plan for dealing with these cretins? I have disabled registration, so that *may* help.
Any pointers would be great.