Apache Web Server Attacks Continue to Evolve
Tony Perez For the past few months we have seen a gradual increase in server-level compromises. In fact, every week it seems we’re handling half a dozen…
Month: April 2013
14 posts
LivingSocial Hacked — More Than 50 Million Accounts Compromised
Just as we were thinking we were going to avoid any major enterprise compromises this week, LivingSocial announces that it has been compromised and some…
Apache Binary Backdoors on Cpanel-based servers
Daniel Cid For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites.…
Joomla Version 2.5.10 Released – Security Updates
This morning the Joomla development team released a new version of the Joomla platform. This is a Security release, so please be sure to update…
Update WP Super Cache and W3TC Immediately – Remote Code Execution Vulnerability Disclosed
Shame on us for not catching this a month ago when it was first reported, but it seems that two of the biggest caching plugins…
Cyber Criminals Take Advantage of Recent Boston Attack with SPAM
It pains me to write about this at all, but as despicable as this might appear, cyber criminals have started to take advantage of those…
The WordPress Brute Force Attack Timeline
Authored by Daniel Cid, Tony Perez. We have been blogging about the massive brute force attacks against WordPress websites over the past few days, today…
WordPress Malicious Plugin – WPPPM – Abusing 404 Redirects with SEO Poisoning
Bruno Borges, of our security team, came across an interesting case this week, in which a WordPress plugin was abusing the 404 rewrite rules and…
Brute Force Attacks and Their Consequences
There is a lot of interesting discussion across the interwebs on the intention of the latest string of brute force attacks. While I can’t repudiate…
Mass WordPress Brute Force Attacks? – Myth or Reality
We are seeing in the media some noise about a large distributed brute force attacks against all hosts targeting WordPress sites. According to reports, they…
Protecting Against WordPress Brute-Force Attacks
It was not long ago that I was sitting on a call with other members of the WordPress community in which we were talking abou…