Blog Search
Like Box
Comments
- Dreamhost hacked, mass password-reset issued | ZDNet on DreamHost Security Issue Prompts FTP Password Resets
- Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist on GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
- » Wordpress Security Best Practices & Plugins on Timthumb.php Mass Infection – Aftermath – Part I
- WordPress.org repository will not show plugins older than 2 years on WP-phpmyadmin WordPress plugin – Delete it now
- Wordpress News - The Best WordPress Tips and Tutorials of 2011Wordpress News on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: August 2009
apache.org hacked?
Apache.org was down for a while this morning and shortly after they released a note about a compromise: This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will … Read more
servage.net mass defaced again
It seems that http://www.servage.net/ has been mass defaced again. It is not the first time I hear about them, but it seems they get hacked way too often. My suggestion: Host your pages on private/dedicated servers (some are as cheap … Read more
WordPress <= 2.8.3 Remote admin reset password
How to annoy a wordpress admin? By changing his password without confirmation… WordPress get_row($wpdb->prepare(“SELECT * FROM $wpdb->users WHEREuser_activation_key = %s”, $key)); if ( empty( $user ) ) return new WP_Error(‘invalid_key’, __(‘Invalid key’));…[snip]….line 276:$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : ‘login’;$errors = … Read more
The curiosity killed the cat
During the last few months we have been releasing numerous free online tools at Sucuri. One to scan web sites for security issues, another one to text-browse sites, one to check if a twitter account is spammer and a few … Read more
Twitter is down, productivity is up
Twitter has been down for more than one hour today and I suddenly noticed an increased productivity from my peers… any correlation? Maybe that’s related to the latest “worm”, where thousands of users were posting “Today was so exciting! Made … Read more
Cisco leaking private IP addresses via DNS
One of the first things I learned while setting up my DNS servers was to never leak internal IP addresses to the outside world. Well, it seems that Cisco haven’t learned it yet.. $ host pop.cisco.compop.cisco.com has address 10.48.73.66$ host … Read more
