Tweet Week: April 5-11, 2010

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Apr 5, 2010

updated my list of Gumblar zombies – now 675 URLs

WordPress 3.0, Beta 1 is out – Time to get rid of all legacy stuff that may make the upgrade to v3 painful.

Interesting investigation by Sucuri Security – malicious code injected into .js on the fly for first time visitors

Apr 7, 2010

There is no such thing as a “Google Verified Malware Free” site – by Oliver Fisher (Google Anti-Malware)

[h-online.com] Adobe issues official workaround for PDF vulnerability

Removing sensitive text from a page – to remove spammy keywords from Google search results after black-hat SEO hacker attacks

[h-online.com] Security through virtualisation – QubesOS – A separate virtual system for every task

Apr 8, 2010

[webmaster central forum] BBEdit seems to have a bug(?) that may hide certain lines of code (in this case, malicious code)

[webmaster central forum] explanation of the “0 page(s) resulted in malicious software” message for blacklisted sites

Apr 9, 2010

[Google Webmaster Central] When and why was my site flagged for malware? Learn in near real-time!

Sucuri security and Brian Krebs report mass WordPress hack on Network Solutions servers

So far I confirm that this “networkads” is Networks Solution-only (checked 50+ sites), WP-only. But it is NOT DB-only. More info to follow..

[networkads hack] found 50+ infected sites on 12 IPs. All on the “Network Solutions” network. No other networks affected. To be continued…

[blog.networksolutions.com] Alert: WordPress Blog & Network Solutions

[networkads hack] This is an attack against WP blogs, but I doubt it uses WP vulnerabilities. It is enough to upload & execute scripts.

Apr 11, 2010

RT @sucuri_security: Quick fix for the Network solutions / Wordpress issue.

If you want more real-time experience, you can follow @UnmaskParasites on Twitter.

Related posts:

• Previous Tweet Weeks