Potential vBulletin Exploit (4.1+ and 5+)
Daniel Cid The vBulletin team just posted a pre-disclosure warning on their announcements forum about a possible exploit in versions 4.1+ and 5+ of vBulletin. They don’t…
Free Sucuri WordPress Plugin Gets New Features
We just released some major updates to our Free WordPress plugin that we recommend all WordPress users check out. Before the update, the plugin was…
Joomla Media Manager Attacks in the Wild
If you are using Joomla and didn’t update your site recently, you better stop doing whatever you are doing, and update it now. There is…
OpenX.org Compromised and Downloads Injected with a Backdoor
We received reports that OpenX.org was compromised and the OpenX download files had a backdoor injected in them. According to Heise (in German), the malicious…
Phishing 2.0 – Credit Card Redirection on Compromised Sites
We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the…
Sucuri CloudProxy Web Application Firewall (WAF) – Out of Beta
We are happy to announce that after more than a year in testing, Sucuri’s Cloud WAF is out of beta. CloudProxy is currently available to…
From a Site Compromise to Full Root Access – Bad Server Management – Part III
When an attacker manages to compromise and get access to a website, they won’t stop there. They will aim to gain full root (admin) access…
Malware Hidden Inside JPG EXIF Headers
A few days ago, Peter Gramantik from our research team found a very interesting backdoor on a compromised site. This backdoor didn’t rely on the…
SSH Brute Force – The 10 Year Old Attack That Still Persists
Three years later we are still seeing SSH brute force attacks compromising sites on a frequent basis. One of the first server-level compromises I had…
Fake piwik domain – piwik-stat
Piwik is an open source web analytics software that is used by many web masters. Andthe bad guys are using their popularity to try to…
ESET Blacklist Results Added to SiteCheck
If you did a SiteCheck scan today, you probably saw a new entry in the Blacklist tab for ESET. ESET has been a good friend…