The Password Dilemma – Unique and Complex is the Key

A lot of attention is being applied to passwords lately, and rightfully so.

Most everyone is trying to understand how easy or hard reverse engineering passwords is, and trying to better grasp the role it plays in today’s compromises. What is being realized is that it plays an instrumental role, and ranks easily amongst the top 5 reasons why web applications are compromised.

Read More

Backdoor Tool Kit – Today’s Scary Web Malware Reality

We often talk about the importance of keeping your server clean. You can see it in a number of our articles and presentations, this post will likely drive that point home.

This past week we came across a nice little package that we felt compelled to share with you. In it, the attacker makes use of a number of tools designed to help them infiltrate your environment. What’s likely most annoying about this kit is that it’s loaded into your environment, and uses your own resources to help hack you. That’s like being punched in the gut and slapped at the same time, not cool.

Read More

PRWeb Stores Passwords In Clear Text

It is 2012 and with the growing web threats you would expect to see increased measures to protect user credentials. We hope that in the wake of events with LinkedIn and eHarmony others realize the importance of an increased security posture.

Consider the recent LinkedIn, e-Harmony or similar breaches in the past to see how important this topic has become.

Back to the topic at hand…

Read More

WHMCS Website Hacked and Database Leaked

The WHMCS website and twitter accounts got compromised yesterday, and their full database (and files) were posted online.

WHMCS Twitter Hacked

Yes, it means that if you have an account there, or if you use any of the WHMCS products, you have to change all your passwords asap, and wait from a confirmation from them before downloading anything from their web site again (since it might still be compromised or with backdoors).

They posted the following on their blog:

Read More

Brute force attacks against WordPress sites

We talk a lot about the importance of using strong passwords, but sometimes it it hard to see how important it really is, or what can happen if we do not use a strong one. Most people only realize this after they have been compromised for the first time.

Lately we have been seeing many WordPress sites being attacked and hacked through the use of brute force. The administrator leaves the default “admin” user name and chooses a simple password, and never changes it.

Why is it bad that the password is easy and never changed?

There is a technique known as brute-force attack. Like the name implies, access is gained to your environment through brute force. Often conducted by bots, these attacks will run through a compiled list of common passwords and their permutations (i.e., password, Pa$$w0rd, p@ssw0rd, etc..). Yes, the attackers know that you substitute ‘A’ for an ‘@’ and ‘S’ for a ‘$’. Using this method the attackers are gaining access to your wp-admin, this then allows them to serve spam via your posts, deface your home page like we recently saw with ServerPro, and inject any one of the other types of malware roaming the interwebs.

Read More

DreamHost Security Issue Prompts FTP Password Resets

Yesterday on the DreamHost Status Blog, it was announced that all shell/FTP passwords would be reset due to what looks to be a security breach that was discovered on one of the DreamHost database servers.

DreamHost Security BreachDreamHost looks to have done a great job notifying affected customers via the update page, keeping them up-to-date throught out the day until the issue was resolved. It looks like all FTP passwords were indeed reset.

We recommend that all DreamHost customers log into to their accounts and check their account status. It is encouraged that you change your account passwords, and it wouldn’t hurt to change your FTP and database passwords again just to make sure.

Read More