Blog Search
Like Box
Comments
- The WPCandy Podcast #32: "Uncle Ben's plugin list" | WPCandy on Official WordPress Plugin Directory – Forcing Plugin Updates
- Is your website clean? | Life Currents on Links Injection on WordPress – Blackhat SEO Spam (basicpills) update
- Technology News on Blog Comments – Analysing 100,000 Comments and Spammers
- user on Removing Malware from a WordPress blog – Case Study
- Brand Development on Walmart web site hacked and hosting spam
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost data dns education fox godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing php plugin scan security spam stats sucuri twitter updates vbulletin virus vulnerability walmart wordpressArchives
- May 2012 (7)
- April 2012 (15)
- March 2012 (12)
- February 2012 (6)
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: June 2011
WordPress 3.1.4 available – Time to update
If you are running WordPress, it is time to update it now. WordPress v3.1.4 was just released with security fixes for all the previous versions (specially important with you have users with the editor-level permissions): From the WordPress blog: WordPress … Read more
Phishing phone calls – Onlinesupport.com
It was early morning (around 8am) and I received a phone call from someone asking for me by name (using a private number and with a strong Indian accent): Caller: Hello, Can I speak with XX?” (my real name) Me: … Read more
WP-phpmyadmin WordPress plugin – Delete it now
If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what is going on. On all the sites we’ve analyzed, the following code was found inside … Read more
Posted in phpmyadmin, plugin, vulnerability, wordpress
Tagged phpmyadmin, plugin, vulnerability, wordpress
25 Comments
WordPress plugins hacked – Understanding the backdoor
If you haven’t heard about it already, yesterday three popular WordPress plugins (AddThis, WPtouch, and W3 Total Cache) had a malicious backdoor added to them via the plugin repository. That lead to WordPress.org resetting all passwords as a precaution. You … Read more
Backup, backup and backup
We just heard of a sad story about an Australian web hosting company (Distribute.IT) that was hacked and all of the sites they hosted were deleted (almost 5 thousand of them). What’s even worse is that the attackers deleted and … Read more
Google blacklisted all the .cz.cc domains
It seems that Google just blacklisted all the sites under the .cz.cc main domain (including the nic.cz.cc, start.cz.cc and all others). In their status page Google says: Has this site acted as an intermediary resulting in further distribution of malware? … Read more
Blackhat SPAM SEO From Joomlapoject.net – Targeting Joomla
We are tracking another Blackhat SEO SPAM network being managed by http://joomlapoject.net. By the name of the domain, you can guess that they are targeting Joomla sites. When you visit a compromised site, you don’t see anything wrong, but if … Read more
Information Leakage on multiple WordPress themes by WooThemes
This weekend there was a post on the Full disclosure list about multiple vulnerabilities on some WordPress themes by WooThemes. This is what the message said: Vulnerable are the next themes by WooThemes: Live Wire (all three themes from Live … Read more
Sony Music Brazil hacked (yet another sony defacement)
I hate to pick on Sony, but they got hacked again (and no, I am not talking about the Lulzsec + sonypictures, this is another one). This time was Sony Music Brazil, which was defaced yesterday night and STILL is … Read more
Links Injection on WordPress – Blackhat SEO Spam (basicpills) update
For the last few months we’ve been tracking a very large blackhat SEO spam campaign initiated by basicpills.com, and many other pharma-related domains (mostly located at 212.117.161.190 and 212.117.168.214). The method used is very simple, where the attackers inject a … Read more
Posted in malware, malware_updates, pharma, spam
Tagged malware, malware_updates, pharma, spam, wordpress
3 Comments
