Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Tweet Week: August 16-22, 2010

23 Aug 10   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

ColdFusion vulnerability, compromised NetSol widget, Google warnings in Spanish, site ownership verification using Analytics … »»


Tags:

Tweet Week: April 19-25, 2010

26 Apr 10   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Malware info in Webmaster Tools, StopBadware Stories, links from Matt Cutts and Brian Krebs, etc. »»


Tags:

Tweet Week: April 5-11, 2010

11 Apr 10   Filed in Tweet Week with 1 Comment

Selected short messages and links you might have missed if you don’t follow me on Twitter.

mass WP hack on Network Solutions, virtualization, Google Webmaster Tools, etc … »»


Tags:

Tweet Week: March 29 – April 4, 2010

04 Apr 10   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

security patches, SpyEye vs. Zeus, Black-hat SEO, Google vs phishing … »»


Tags:

Tweet Week: March 1-7, 2010

07 Mar 10   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Google notifications, security patches, malicious PHP code … »»


Tags:

Bety.php Hack. Part 2. Black Hats in Action.

26 Jan 10   Filed in Website exploits with 2 Comments

This is the second article about the hacker attack against osCommerce-powered sites. In the first part, you can find the description of the attack along with detection and clean-up instructions. Now I want to show you what exactly hackers did and how they managed to poison Google search results.

The main goal is to demystify hackers and encourage webmasters to explore their own sites. The more you know about hackers, the better you’ll be at protecting your site against their attacks.

This post is based on the files and access logs of three compromised sites that I received from a webmaster who contacted me a couple of weeks ago.

Quick facts

  1. The attack uses unpatched vulnerability in osCommerce 2.2 that allows an attacker to upload arbitrary files to compromised servers using a security hole in file_manager.php.
  2. Only one of the three sites actually uses osCommerse (site-1).The rest two sites had been hacked using access gained via the hacked site-1.

Chronicle of the attack »»


Tags:

Bety.php – osCommerce Hack. Part 1.

18 Jan 10   Filed in Website exploits with 0 Comments

About a week ago I received a very insightful email from one webmaster where he described a recent attack that his site was subject to and showed how Google’s Webmaster Tools helped him notice the hack.

With Jim’s permission, I publish this email here »»


Tags:

Tweet Week: Nov 23-29, 2009

29 Nov 09   Filed in Tweet Week with 1 Comment

Selected short messages and links you might have missed if you don’t follow me on Twitter.

IE vulnerability, MediaTemple security issues, Google Webmaster Tools … »»


Tags:

Tweet Week: Nov 16-22, 2009

24 Nov 09   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

PDF exploit, threats, Google Webmaster Tools … »»


Tags:
sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:   RSS   Email   Twitter
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes