Selected short messages and links you might have missed if you don’t follow me on Twitter.
Apr 5, 2010
updated my list of Gumblar zombies – now 675 URLs
WordPress 3.0, Beta 1 is out – Time to get rid of all legacy stuff that may make the upgrade to v3 painful.
Interesting investigation by Sucuri Security – malicious code injected into .js on the fly for first time visitors
Apr 7, 2010
There is no such thing as a “Google Verified Malware Free” site – by Oliver Fisher (Google Anti-Malware)
[h-online.com] Adobe issues official workaround for PDF vulnerability
Removing sensitive text from a page – to remove spammy keywords from Google search results after black-hat SEO hacker attacks
[h-online.com] Security through virtualisation – QubesOS – A separate virtual system for every task
Apr 8, 2010
[webmaster central forum] BBEdit seems to have a bug(?) that may hide certain lines of code (in this case, malicious code)
[webmaster central forum] explanation of the “0 page(s) resulted in malicious software” message for blacklisted sites
Apr 9, 2010
[Google Webmaster Central] When and why was my site flagged for malware? Learn in near real-time!
So far I confirm that this “networkads” is Networks Solution-only (checked 50+ sites), WP-only. But it is NOT DB-only. More info to follow..
[networkads hack] found 50+ infected sites on 12 IPs. All on the “Network Solutions” network. No other networks affected. To be continued…
[blog.networksolutions.com] Alert: WordPress Blog & Network Solutions
[networkads hack] This is an attack against WP blogs, but I doubt it uses WP vulnerabilities. It is enough to upload & execute scripts.
Apr 11, 2010
If you want more real-time experience, you can follow @UnmaskParasites on Twitter.