Blog Search
Like Box
Comments
- Database Injection on Joomla Websites – yourstatscounter dot cz dot cc | Sucuri on LizaMoon Mass SQL injection (ur.php) – Updates
- How to do bulk Find and Replace in files using PHP | Nadeesha Cabral Blogs on Timthumb.php Security Vulnerability – Just the Tip of the Iceberg
- wordpress multiple blog themes on Information Leakage on multiple WordPress themes by WooThemes
- WordPressのテーマが改竄され不正なコードが挿入されたことの報告 | knowledge tree – ナレッジツリー on WP-phpmyadmin WordPress plugin – Delete it now
- Victim Of Malware Attack, Pharma Hack on Cleaning up an infected website – Part I: WordPress and the Pharma Hack
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost dns fox georgia godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing plugin review sbn scan security spam stats sucuri twitter vbulletin virus vulnerability walmart whois wordpressArchives
- February 2012 (3)
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Author Archives: dd
New WordPress ToolsPack Plugin
We deal with many compromised sites daily and lately we are seeing something in common across many of the sites running WordPress. They have installed a plugin called ToolsPack ( ./wp-content/plugins/ToolsPack/ToolsPack.php), which according to the author will “Supercharge your WordPress … Read more
Posted in hacked, malware, malware_updates, plugin, wordpress
Tagged hacked, malware, malware_updates, plugin, wordpress
Leave a comment
Malware Redirecting To Enormousw1illa.com
We are seeing a large number of sites compromised with a conditional redirection to the domain http://enormousw1illa.com/ (194.28.114.102). On all the sites we analyzed, the .htaccess file was modified so that if anyone visited the site from Google, Bing, Yahoo, … Read more
Posted in htaccess, malware, malware_updates
Tagged htaccess, malware, malware_updates
Leave a comment
Funny Spammers: Any Reproduction of This Document in Part or in Whole is Strictly Prohibited
Spam is nothing new, but a recent site we were reviewing was a bit different. After a bit of analysis, we found a file called tracks.php that was generating spam with the following code on it: <?php // Any reproduction … Read more
Posted in malware, malware_updates, pharma, spam
Tagged malware, malware_updates, pharma, spam
Leave a comment
Ask Sucuri: Why Do I Only Get Malware Warnings on Certain Browsers?
A few days ago, our scanner alerted that a site had malware related to the Blackhole Exploit Kit. The owner of the site said that when he visited the site, nothing happened, and the malware wasn’t displayed – probably thinking … Read more
Posted in hacked, malware, malware_updates, virus
Tagged hacked, malware, malware_updates, virus
Leave a comment
WordPress 3.3 XSS Vulnerability Patched (3.3.1 Released)
We just learned of a reflected XSS vulnerability in WordPress 3.3 via the comments form (wp-comments.php). It is explained in detail here. The disclosed vulnerability can only be triggered via Internet Explorer according to the disclosing party, our tests lead … Read more
Happy New Year From the Sucuri Team
Just a quick message to thank everyone that worked with us during 2011 (clients, partners and friends), and to wish a wonderful 2012 to all of you. We have some cool projects and posts to share in the near future, … Read more
Blacklist Warnings for Users of the Stream-Video-Player WordPress Plugin
If you are using the plugin stream-video-player, it might be a good idea to disable this plugin for now. The plugin loads a Flash player from “http://rod.gs/_SVP/5.7.1896/player.swf?ver=1.3.2″, a domain (rod.gs) which is currently blacklisted by Google, so anyone visiting your … Read more
Posted in blacklist, blacklisted, malware, malware_updates, plugin, wordpress
Tagged blacklist, blacklisted, malware, malware_updates, vulnerability, wordpress
Leave a comment
Malware Being Called From Your php.ini File
Is your site infected with malware, and you can’t find it anywhere? It might be a good idea to search outside of your web directory, and look in your main configuration files (specially if you are on a dedicated/VPS server). … Read more
Posted in hacked, malware, malware_updates, vulnerability
Tagged hacked, malware, malware_updates, vulnerability
Leave a comment
Ask Sucuri: How Long Does It Take For a Site To Be Removed From Google’s Blacklist? – Updated
If you have any questions about malware, blacklisting, or security in general, send it over to us: contact@sucuri.net and we will answer here. For all the “Ask Sucuri” answers, click here This is an update to our previous post about … Read more
Posted in ask, blacklist, blacklisted, google, sucuri
Tagged ask, blacklist, blacklisted, google, sucuri
Leave a comment
WordPress 3.3 is Out
For all our WordPress users, please remember to update to WordPress 3.3 that was just released. It should be a quick 1-click process in your dashboard, and nobody have an excuse not to do so. And if you are currently … Read more
Posted in wordpress
Leave a comment
