We're all familiar with targeted banners these days. Visit a shoe site and suddenly all the banners on various web sites are shoe-related. It seems the banner scammers/hijackers have figured this out too. Recently I noticed suspicious Adwords banners originating from a site called adnxs.com. My guess is that the malware authors use Adwords or similar networks — Continue reading »
Wordpress 'page_option' Hack
Wordpress is a great publishing product but its popularity is also its Achilles heel. It's notorious for being a favorite target of hackers and many have been successful in compromising plenty of installations out there, including this one. Having automated monitoring software is certainly a prudent way to stay on top of things, but in — Continue reading »
Network Solutions, More Like Network Problems
Network Solutions (netsol), the company behind domain names, had a rough day today and it dragged its customers down with it. Apparently a DDoS attack knocked out their network, making hosted web sites and DNS servers inaccessible. This site, while not hosted on netsol, does have its name servers hosted with them and so it — Continue reading »
PRISM, Spies, and Leaks
While the US and much of the world is embroiled in the so-called scandal of US government spying on its citizens, I am left wondering why this is news at all? The Patriot Act enacted after September 11, 2001 was designed to do exactly that, spy on voice and data communications in the US. Yes — Continue reading »
Disabling SELinux
I know it's sacrilegious for some to disable a security feature on a platform, but SELinux (an enhanced Linux security feature) has left me no choice but to do exactly that on Linux. SELinux was added to Linux to give it additional security measures beyond what it inherited from Unix. By default many of the Linux — Continue reading »
Wordpress Base64 Hack or PHP-CGI Hack? part III
After being hit by the Wordpress base64 hack twice within a couple of weeks, it finally dawned on me that the PHP CGI flaw was the culprit. The attack robots (a la Metasploit) use knowledge of the PHP CGI flaw together with the well-known scripts of popular products (Wordpress, Joomla, Drupal, etc.) to penetrate sites and — Continue reading »
Wordpress Base64 Hack or PHP-CGI Hack? part II
To be factual about it, my site was hacked twice in exactly the same way over a period of a couple of weeks. The first time around I noticed it when the feeds coming via Feedburner kept crashing the RSS readers because of a javascript malware block inserted right at the top of the feed. Turns out — Continue reading »
Wordpress Base64 Hack or PHP-CGI Hack?
A couple of months ago I started noticing that this blog's RSS feed, which is via Feedburner, wasn't coming through on some RSS readers. After some tests I discovered that the feed actually contained a malicious javascript block at the top. That was breaking the XML format, causing the RSS readers to fail. Turns out — Continue reading »