Outdated Software Alerts
Search This Blog
-
Recent Posts
- Websense’s Claim of Vulnerability in WordPress 3.2.1 Completely Baseless
- Looking at the Claimed WordPress setup-config.php Security Issues
- Claims of Vulnerability in WordPress 3.2.1 Supported by False Information
- DreamHost Does Store Non-Hashed Passwords
- Outdated Software Running on Websites of WordPress and Other Web Software
RSS/Atom Feed
Web Software Updates
WordPress Version
We are running WordPress 3.3.1 and despite what many supposed "security experts" claim letting you know what version we are running does not make us less secure.Did We Make a Mistake?
While it seems to be acceptable for blogs discussing web security to contain numerous factual mistakes, we hold ourselves to a higher standard. We only write about things that we actually understand and only after we have double checked the information. So if you see a mistake in one of our posts please leave a comment on the post or contact us so that we can add a correction.
Monthly Archives: August 2010
SG Managed Provides Hosting For Important Spam Hack Component
SG Managed is providing hosting for c4412d2ffc4bf832.info, which is an important component of a spam hack that has affected a large number of Zen Cart based websites. The website is one of eight that the hacked websites attempt to retrieve a file containing a set of spam links to display when search engines request pages from the website. This website is the only one currently active and if the hosting was shut off the hacked websites would no longer contain spam links unless new hosting could be found. We contacted SG Managed about the issue several weeks ago, we have received no response and the website is still being hosted by them. When we contacted another host who had been providing service for another website used by the hack they shut down the service within a hour.
We are currently in the process of contacting the websites that have been affected.
Posted in Website Security
Leave a comment
The Planet Hosts Critical Component of SEO Poisoning Campaign
The Planet, a large US hosting provider, provides hosting for two websites that are critical for a major SEO poisoning campaign. SEO poisoning involves getting web pages listed in search engines that when accessed attempt to infect the computer with malware. This particular campaign involves two sets of hacked websites and the websites hosted by The Planet. The first set of websites has been hacked to display the content from a file requested from either getalllinks.info or dvc44ftgr.com when a page from the hacked website is requested by a search engine. The files from getalllinks.info and dvc44ftgr.com, hosted by The Planet at the IP address 174.133.193.218, include links to pages on the second set of hacked websites. The content of those files can be seen at http://www.getalllinks.info/links/0.txt or http://www.dvc44ftgr.com/links/0.txt. Search engines crawl those pages on the second set of hacked websites and they get included in search engines results. When people access the pages through search engines they are redirected to fake anti-virus scanner that attempts to infect their computers with malware. Without the two domains hosted by The Planet the pages on the second set of websites are never crawled and never get included in the search results where the could be accessed by users.
We twice contacted The Planet about the issue and in both cases they took no action. The first time they claimed the issue had been already been resolved and the second time they claimed they could not find anything. We did not receive the same response when we contacted another provided who had been providing service for one of the domains. EveryDNS, which had been providing DNS service for getalllinks.info, shut off the service a day after we contacted them. Two weeks later the domain became active again after the domain starting using DNS service hosted on the same server at The Planet.
Posted in Website Malware, Website Security
Leave a comment
