Potential vBulletin Exploit (4.1+ and 5+)
Daniel Cid The vBulletin team just posted a pre-disclosure warning on their announcements forum about a possible exploit in versions 4.1+ and 5+ of vBulletin. They don’t…
Browsing Category
Website Security
1031 posts
The Dangers External Services Present To Your Website
Tony Perez Today the Washington Post reported that they were victims of hack, orchestrated by the Syrian Electronic Army. This attack is interesting because it sheds light…
HideMeBetter – SPAM injection Variant
Rodrigo Escobar Compromised sites being injected with SPAM SEO is something we deal very often. A few months ago we wrote about a wave of SPAM injections…
Dissecting a WordPress Brute Force Attack
Update: Brute force protection now available: http://cloudproxy.sucuri.net/brute-force-protection Over the past few months there has been a lot of discussion about WordPress Brute Force attacks. With…
From a Site Compromise to Full Root Access – Bad Server Management – Part III
When an attacker manages to compromise and get access to a website, they won’t stop there. They will aim to gain full root (admin) access…
From a Site Compromise to Full Root Access – Local Root Exploits – Part II
When an attacker manages to compromise and get access to a website, they won’t likely stop there, they will aim to gain full root (admin)…
From a Site Compromise to Full Root Access – Symlinks to Root – Part I
When an attacker manages to compromise and get access to a website, they won’t likely stop there, they will aim to gain full root (admin)…
Auto Generated IFrames To Blackhole Exploit Kit – Following the Cookie Trail
We often talk about websites being compromised and injected with malware that redirect users to exploit kits. We unfortunately don’t give you a complete picture…
Who Really Owns Your Website? “Please Stop Hotlinking My Easing Script — Use a Real CDN Instead.”
For the last few days, we have had some customers come to us worried thinking that their websites were compromised with some type of pop-up…
Game of Coins: The Uprise of Bitcoin Mining
Dre Armeda Research by Daniel Cid. Authored by Dre Armeda. One thing you can’t take away from some of the attackers we deal with everyday is their…
Joomla Version 2.5.10 Released – Security Updates
This morning the Joomla development team released a new version of the Joomla platform. This is a Security release, so please be sure to update…