Blog Search
Like Box
Comments
- Dreamhost hacked, mass password-reset issued | ZDNet on DreamHost Security Issue Prompts FTP Password Resets
- Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist on GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
- » Wordpress Security Best Practices & Plugins on Timthumb.php Mass Infection – Aftermath – Part I
- WordPress.org repository will not show plugins older than 2 years on WP-phpmyadmin WordPress plugin – Delete it now
- Wordpress News - The Best WordPress Tips and Tutorials of 2011Wordpress News on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: July 2010
UFC.com blacklisted by Google (indirectly)
Anyone trying to visit the site UFC.com (from Google Chrome or Firefox) will get a big scary warning from Google: Warning: Visiting this site may harm your computer! The website at www.ufc.com contains elements from the site bin.clearspring.com, which appears … Read more
Vulnerability in Vbulletin 3.8.6
If you are running Vbulletin 3.8.6 (the latest 3.8.x version), make sure to remove the faq.php as soon as possible. A vulnerability has been found that allows anyone to retrieve the database credentials from there. The VBSEO team was quick … Read more
Yet another series of attacks – This time using whereisdudescars.com
Update 1: It seems that this attack is limited to only Bluehost and Dreamhost, not GoDaddy like in the previous times. Update 2: This script should fix/clean an infected site: site fix.php Update 3: Attackers are using nowisisdudescars.com and onlineisdudescars.com … Read more
Fox News Website Hacked
We reported yesterday evening that various sites in the Fox web network have been infected with the Pharma Hack. It doesn’t stop there. I just ran some scans on the official Fox News site (foxnews.com) and here are the results:
Various Fox Websites Hit With Pharma Hack
If you’ve been following Sucuri, you’ve seen a bunch of discussion around the steadily growing Pharma Hack. As we continue research on the issue we find more and more variations of the exploit. Earlier this evening, we started noticing various … Read more
Understanding and cleaning the Pharma hack on WordPress
In the last few weeks, the most common questions we’re receiving are related to the “Pharma” (or Blackhat SEO Spam) Hack on WordPress sites. This attack is very interesting because it is not visible to the normal user and the … Read more
Nagios Community Site Hacked
We just detected (via our scanner) that the Nagios community site (community.nagios.org) has been hacked and is redirecting to a Viagra site. The results vary depending on the page request. If you try to visit any page and add a … Read more
Israel’s permanent mission in the UN web site hacked
As we dig into this blackhat SEO spam network, we are finding more and more sites hacked by them. One of the sites we discovered is the http://israel-un.mfa.gov.il (Israeli permanent mission in the UN). It is probable they’ve been exploited … Read more
Argentinean Government web sites hacked with spam
We recently blogged that many sites from the Brazilian government got hacked and were being used as part of a large blackhat SEO spam network. Well, the Brazilians are not alone and many web sites from the Argentinean government got … Read more
osCommerce users, update your installations as soon as possible
If you are an osCommerce user, please make sure to update your installation (and check your sites) as soon as possible. We have been tracking multiple compromises of osCommerce installations where the attackers added this javascript malware to the affected … Read more
