The New (and Old) .htaccess Attacks – Now Using .in Domains
David Dede We have been talking about .htaccess redirections for a while. A site gets compromised and the attackers modify the .htaccess file(s) to redirect any search…
Browsing Category
WordPress Security
664 posts
Dre Armeda: WordPress End-User Security
Sucuri Co-Founder Dre Armeda did a great presentation at WordCamp Chicago about end-user security for WordPress users. Check out the video here: Dre will also…
Timthumb.php Mass Infection – Aftermath – Part I
If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in…
Remove Unused/Testing/Debug Software From Your Site
Dre Armeda We constantly see sites hacked due to vulnerabilities in various tools. In most cases, site owners don’t even realize they are there, or don’t even…
Evil backdoors – Part II
A few months ago we did a post about backdoors, explaining how they work and how to look for them. If you didn’t read it,…
Mass Spam Infection From Wplinksforwork Dot Com (50k+ WordPress Sites Hacked)
Last year we spoke about the siteurlpath blackhat SEO attack that was infecting many WordPress sites with spam. But, how many? We had no clue…
Website Getting Redirected? It Might Have Something To Do With Moneygram-tracking Dot Com
Have you ever tried to visit your site and you got redirected to a different site? Maybe some external news page that had nothing to…
TimThumb.php backdoor
If your site got compromised lately with the TimThumb.php vulnerability, make sure to check that script to see if it was not modified to act…
TimThumb.php Attacks – Now Being Used for Blackhat Spam SEO and Might Break Your Site
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating that script as soon as possible. Sites that didn’t…
TimThumb.php attacks – Now using googlesafebrowsing dot com
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating the script as soon as possible. Sites that didn’t…
Mass Infection of WordPress Sites Due to TimThumb ( counter-wordpress dot com )
Many people are asking us about this “counter-wordpress.com” type of malware, so we will post some details here. Our scanner has been identifying it for…