Monthly Archives: May 2011

VBulleting SQL injection vulnerability – Update now

Posted on May 30, 2011 by David Dede

A serious SQL injection vulnerability was reported on Vbulletin (4.0.x, 4.1.0, 4.1.1 and 4.1.2) last month and we are starting to see it being used to attack and infect forums using it. The vulnerability is very simple and explained here: … Read more


Posted in vbulletin, vulnerability | Tagged , | 1 Comment

Understanding .htaccess attacks – Part 1

Posted on May 27, 2011 by David Dede

Attackers have been using the .htaccess file for a while. They use this file to hide malware, to redirect search engines to their own sites (think blackhat SEO), and for many other purposes (hide backdoors, inject content, to modify the … Read more


Posted in htaccess, malware, malware_updates, vulnerability | Tagged , , , | 10 Comments

WordPress 3.1.3 available (security fixes)

Posted on May 25, 2011 by David Dede

If you are using WordPress, make sure to upgrade it now. The version 3.1.3 was just released with a few security fixes: * Various security hardening by Alexander Concha. * Taxonomy query hardening by John Lamansky. * Prevent sniffing out … Read more


Posted in security, wordpress | Tagged , | 1 Comment

LizaMoon SQL injections (ur.php) – Now vcvsta.com, asweds.com, etc.

Posted on May 25, 2011 by David Dede

A couple of months ago the Lizamoon malware / Mass SQL injection was getting a lot of news coverage that it could be affecting hundreds of thousands of sites. The media mostly forgot about it, but we kept tracking those … Read more


Posted in hacked, iis, malware, malware_updates | Tagged , , , | 3 Comments

osCommerce malware: Cannot redeclare corelibrarieshandler

Posted on May 19, 2011 by David Dede

We have been posting for a while about attacks targeting and infecting thousands of osCommerce sites (CreateCSS, div_colors, etc) and the importance of keeping it updated and secure. If you think things have been improving, just for the last few … Read more


Posted in malware, malware_updates, oscommerce | Tagged , , | 2 Comments

ASK Sucuri: Why does my site keep getting reinfected?

Posted on May 11, 2011 by Daniel Cid

If you have any question about malware, blacklisting, or security in general, send it to us: contact@sucuri.net and we will answer here. For all the “ask sucuri” answers, go here. Question: Why does my site keep getting hacked / reinfected? … Read more


Posted in ask, sucuri | Tagged , | 3 Comments

LastPass hacked? Forcing users to change their master passwords

Posted on May 5, 2011 by David Dede

If you are a LastPass user, you will be forced to change your master password in order to continue using the service. We just read some worrying news that they might be hacked. Yes, “might”. It is more worrying because … Read more


Posted in hacked | Tagged | 2 Comments

WP-DBManager Security update (serious issue)

Posted on May 4, 2011 by David Dede

Just a quick note that if you are using the WordPress WP-DBManager plugin, make sure to update it as soon as possible. Old versions of the plugin (


Posted in vulnerability, wordpress | Tagged , | Leave a comment

Are WordPress users taking care of their security? State of Blog Security – Part I

Posted on May 4, 2011 by David Dede

Almost two years ago we published an article on the “state of blog security” (focused on WordPress) where we checked the percentage of blogs that were taking care of their security properly. We checked if they had WordPress updated and … Read more


Posted in security, wordpress | Tagged , | 1 Comment

TheWebbyAwards hacked and compromised with Blackhat SEO

Posted on May 4, 2011 by David Dede

The WebbyAwards web site ( www.webbyawards.com/ ) is currently hacked and compromised with Blackhat SEO. If you try to search for it on Google you will get a warning saying that “This site may be compromised”: And if you look … Read more


Posted in blacklisted, hacked | Tagged , | 2 Comments
RSS Delicious