Monthly Archives: November 2010

WordPress 3.0.2 released (security update)

Posted on November 30, 2010 by David Dede

If you’re using WordPress, make sure and update to the latest version (3.0.2) as soon as possible. Especially if you have multiple authors with access to your blog/site. Details about the security issue fixed: This maintenance release fixes a moderate … Read more


Posted in security, wordpress | Tagged , | 2 Comments

Savannah.gnu.org hacked and currently offline

Posted on November 30, 2010 by David Dede

We’ve learned that savannah.gnu.org (used as a central code repository for many GNU projects – gcc, etc) has been hacked and is currently offline. They posted some details on their site explaining what is going on: savannah.gnu.org Savannah is currently … Read more


Posted in hacked | Tagged | 1 Comment

Yet Another WordPress Security Post – Part One

Posted on November 30, 2010 by Dre Armeda

At the end of October we had the opportunity to attend WordCamp Las Vegas. WordCamp’s are great events organized in various cities/countries by the WordPress community to discuss, learn, and teach all things WordPress. If you’ve never attended one, I … Read more


Posted in awareness, security, sucuri, wordpress | Tagged , , , | 10 Comments

Secunia defaced? DNS hijacked?

Posted on November 25, 2010 by David Dede

Secunia is a very popular security company, specialized in vulnerability intelligence, security management, and things like that. However, yesterday evening, everyone visiting their site received a special “defaced” message (“System down – get babana, hacked by turkguvenligi”): What happened? Did … Read more


Posted in hacked, secunia | Tagged , | 2 Comments

osCommerce attacks and nt07.in, nt06.in, etc

Posted on November 20, 2010 by David Dede

We posted yesterday about a series of attacks against osCommerce sites using some russian domains to push the malware (generally the fake AV). We also posted details on how to fix and secure osCommerce to protect against those: http://blog.sucuri.net/2010/11/continuing-attacks-against-oscommerce-sites.html However, … Read more


Posted in blacklisted, hacked, malware, oscommerce | Tagged , , , | 1 Comment

Continuing attacks against osCommerce sites

Posted on November 19, 2010 by David Dede

We are seeing an increase in the number of osCommerce sites hacked lately, and we recommend anyone using it to take precautions to avoid getting hacked and/or reinfected. On most of the sites we’ve analyzed so far, the attackers used … Read more


Posted in blacklisted, hacked, malware, oscommerce | Tagged , , , | 5 Comments

Google blacklist – No way to request a review for the last two days

Posted on November 8, 2010 by David Dede

We are seeing a big issue on Google for the last few days. Whenever a site got blacklisted, you had the option to request a review after the site was clean. Something like that:


Posted in blacklisted, google | Tagged , | 2 Comments

Malware update: inininininininin.in (and oscommerce)

Posted on November 5, 2010 by David Dede

Quick malware update: We are seeing many osCommerce sites infected with malware managed by inininininininin.in, comcomcomcomcomcom.com and a few others. All the domains involved are hosted at 91.204.48.45. These domains were registered by myid37@gmail.com, which is also involved on other … Read more


Posted in malware_updates, oscommerce | Tagged , | 5 Comments

Alexa top sites – Blacklist for October

Posted on November 3, 2010 by David Dede

Every month we analyze Alexa’s TOP 1 million site ranking and correlate that data with Google’s blacklist. Our goal is to get an overall view of the sites that are getting hacked, blacklisted, etc. For OCT-2010, the number is pretty … Read more


Posted in alexa, blacklisted | Tagged , | 1 Comment
RSS Delicious