Blog Search
Like Box
Comments
- Dreamhost hacked, mass password-reset issued | ZDNet on DreamHost Security Issue Prompts FTP Password Resets
- Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist on GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
- » Wordpress Security Best Practices & Plugins on Timthumb.php Mass Infection – Aftermath – Part I
- WordPress.org repository will not show plugins older than 2 years on WP-phpmyadmin WordPress plugin – Delete it now
- Wordpress News - The Best WordPress Tips and Tutorials of 2011Wordpress News on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: April 2010
Walmart community web site still hacked
Remember a few weeks ago when we reported that the official web site for the Walmart Community Action Network was hacked and hosting SEO spam? Well, it seems that they removed the previous spam and also upgraded WordPress to latest … Read more
SunTrust phishing – case study
Last week we were called to fix a Joomla site that got blacklisted and had some malware on it. Nothing unusual as we do that many times a day. However, after some analysis of the site, we found a directory … Read more
A new place to hide web-based malware: php.ini + cgi-bin
We got a call this weekend from a desperate site owner that had just found out that his site was hacked and hosting malware. He was fairly technical and checked everywhere for it. He even reverted back to an old … Read more
Network Solutions update and some numbers
I am getting a lot of questions via email or via the comments on what to do if a site hosted at Network Solutions is currently with malware or blacklisted. Network Solutions issued an update explaining what to do: http://blog.networksolutions.com/2010/what-to-do-when-your-site-is-showing-a-malware-warning-page/ … Read more
Hostek is putting their customers at risk
If you are hosting your site at Hostek.com, you are probably at a higher risk of being hacked. Why? Because they do not do the proper separation of accounts internally, so anyone can access the pages of everyone else. How … Read more
Network Solutions hacked again
Network Solutions is getting hacked again. Just today we were notified of more than 50 sites hacked with the following malware javascript:If we decode this javascript, we see that it is injecting this iframe from http://corpadsinc.com/grep/ : document.write (s) < … Read more
Walmart web site hacked and hosting spam
A few days ago someone contacted us asking for help to clean up their site. They got hacked and the attacker added a bunch of spam links to it. We fixed it for them and we decided to search for … Read more
Conditional redirects (or the htaccess malware)
We see all types of malware daily, but one of them seems to cause a lot of confusion to our users (and everyone in general). This is the common question we hear: “Some users are complaining that when they search … Read more
Details on the Network Solutions / WordPress mass hack
Update 1: The attack continues! Now they are using the domain http://mainnetsoll.com/grep/. Make sure to fix your wp-config and change your database password ASAP. Update 2: A quick fix if you can’t change your database password. Set the WP_SITEURL inside … Read more
Mass infection of WordPress blogs at Network Solutions
Since yesterday we are seeing a large number of WordPress blogs (running the latest version 2.9.2) getting infected with malware. None of them are using the same plugins or the same themes. Some of them even have wp-admin access blocked … Read more
