Selected short messages and links you might have missed if you don’t follow me on Twitter.
.htaccess hack, attack against PHP sites, IE vulnerability, … »»
Selected short messages and links you might have missed if you don’t follow me on Twitter.
This is the second article about the hacker attack against osCommerce-powered sites. In the first part, you can find the description of the attack along with detection and clean-up instructions. Now I want to show you what exactly hackers did and how they managed to poison Google search results.
The main goal is to demystify hackers and encourage webmasters to explore their own sites. The more you know about hackers, the better you’ll be at protecting your site against their attacks.
This post is based on the files and access logs of three compromised sites that I received from a webmaster who contacted me a couple of weeks ago.
Selected short messages and links you might have missed if you don’t follow me on Twitter.
IE patch, updates on attacks, Google quiz, Firefox 3.6, UP testimonials »»
About a week ago I received a very insightful email from one webmaster where he described a recent attack that his site was subject to and showed how Google’s Webmaster Tools helped him notice the hack.
Selected short messages and links you might have missed if you don’t follow me on Twitter.
In the last couple of months of 2009 I quitely rolled out some improvements to Unmask Parasites. I couldn’t find enough time to blog about them since there always had been some nasty malware attack that I needed to investigate and write about here. Finally, I decided that the new year beginning is the proper time to round up some improvements and new features of the last year.
Round up »»
Selected short messages and links you might have missed if you don’t follow me on Twitter.
Adobe Reader updates, Adv. WordPress Security, LGPL malscripts »»
Selected short messages and links you might have missed if you don’t follow me on Twitter.
Dec 28, 2009
LeaseWeb seems to have removed malicious servers from its network after my blog post about the “GNU GPL” scripts. (OVH still hosts hackers)
Dec 30, 2009
Good Guys Bring Down the Mega-D Botnet – respect @FireEye !
Jan 2, 2010
If you want more real-time experience, you can follow @UnmaskParasites on Twitter.
Related posts:
Last week, I wrote about the latest mutation of the website hack that has been active (mostly in form of iframe injection) throughout this year. I mentioned that for some reason all malicious domain names had been mapped to IP addresses on LeaseWeb and OVH networks. Moreover, LeaseWeb hosted a central site mdvhost .com (hidden behind reverse-proxies) for at least 3 months.
LeaseWeb reaction »»