The Most Famous Vulnerabilities - Cross-Site Scripting (XSS)
Jozsef Konnyu

The Most Famous Vulnerabilities - Cross-Site Scripting (XSS)

It’s been a while since I wrote the previous episode of my blog series. If you are interested in Remote Code Execution, then I definitely recommend reading the previous part. So, here we are again, the moment has come for my final article about cross-site scripting (XSS). What is Cross-Site Scripting (XSS)? Usually, XSS vulnerability occurs when there are untreated inputs and bad cookie usage. So, please let me tell you about a case that happened in 2005 on Myspace. A MySpace user found an XSS vulnerability on the site, and he wrote a payload called „Samy Worm.” This payload was a...
Read more
Manual Malware Scan – It's now available on the Dashboard
Eniko Toth

Manual Malware Scan – It's now available on the Dashboard

As a server owner, have you ever had an experience where one or more of the websites hosted by you were reported as a phishing website? Another common issue to get blacklisted on different lists or getting abuse reports which inform you that your servers are attacking other nodes. Perhaps this fact that we’re telling you isn’t new, which is the source of the outgoing attacks is an infection. A lot of hosting providers are frightened when they hear the word „malware,” and they have the reason for getting afraid. Malware is in the spotlight ELK Cloner was the very first malware (previou...
Read more
New security feature against phishing sites
Boglarka Angalet

New security feature against phishing sites

Cybercriminals can easily attempt to break into shared hosting environments to use their resources for different types of attacks. Phishing is one of the most irritating forms, where the provider, the website owner and all of their visitors are affected. These attacks also highlight the responsibility of hosting providers, and that’s why we have just launched BitNinja’s new anti-phishing feature, to give a new weapon in your hands for fighting the hackers. Why phishing? Phishing is quite an old-school hacker technique, which seems to never go out of fashion. Since the technique simply...
Read more
Defense Robot – The breakthrough innovation for the cybersecurity market
Eniko Toth

Defense Robot – The breakthrough innovation for the cybersecurity market

Are you tired of the never-ending malware infections? Would you like to get rid of the nightmare of the long hours spent troubleshooting? Do you still seem to get repeatedly infected regardless of how often you make malware removals? It’s enough of the reactive protection! The old way What would usually happen when a server became infected? People had to buy special security tools, which had really high prices to find malware. If it succeeded, the sysadmins had to spend plenty of hours (or in worse cases several days) to remove the malware. The other option was to pay for someone to do t...
Read more
BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)
Eniko Toth

BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)

The social media and the cybersecurity sites were blowing up when Drupal published their latest vulnerability (SA-CORE-2019-003). It’s not a surprise that this remote code execution vulnerability got a highly critical label, as hackers could easily hack your Drupal 8 websites. But BitNinja users shouldn’t have to worry for any minute, as they were protected by our WAF from the very beginning of this RCE flaw. We have already seen some attempts caught by the rule 933170, so hackers didn’t wait a lot to exploit the CVE-2019-6340. How are hackers trying to exploit the latest Drupal vulnerab...
Read more
GXHLGSL.txt file uploader botnet –Discovered by BitNinja FtpCaptcha
Eniko Toth

GXHLGSL.txt file uploader botnet –Discovered by BitNinja FtpCaptcha

At the beginning of the year we released our brand-new FtpCaptcha module, and of course, we were so excited about receiving the first incidents. However, we didn’t think that the very first logs will be such eye-catching. We detected a not so well-known botnet, and we didn’t find an article about it (only a few forum topics), so we summarized everything that you need to know about it. Test the ability to upload a file This botnet is trying to upload a file named GXHLGSL.txt, which contains only this: TEST. If it was a vulnerability scanner, there would provide some description about it o...
Read more
Botnet renewal – Here is the February botnet
Eniko Toth

Botnet renewal – Here is the February botnet

Do you remember the new version of the Hello Peppa botnet? At the end of 2018, it was welcomed into 2019 slightly early, and the January botnet started to spread. Well, it wouldn’t be funny, if the botnet would still send the „J4nur4ry” in the Post Data when we are already over January… So, here is the February botnet! Despite the January botnet, this one was accurate and started on 1st February. The pike was on the next day, as you can see it from the chart below.   After that, it looked like it moved back, but on 17th Feb there was another pike. Let’s look closely to o...
Read more
News from Threat Lab: 4+1 New SenseLog rules have been created
Eniko Toth

News from Threat Lab: 4+1 New SenseLog rules have been created

The new year inspired us and brought new vibes to our office. Our tech ninjas are developing several new badass features. Besides the new features, we are also improving our existing modules as well. Last week, the SenseLog module became enriched with 4 new rules and another rule has been updated. Here is a list of them: 1. Apache Magento Downloader (Rule ID: 80_1_021) 2. Apache WP Login Deprecated Firefox User Agents (Rule ID: 80_1_022) 3. Plesk Login Fail (Rule ID: 8443_1_001) 4. LFD Blocked (Rule ID: lfd_1_001) +1  Updated rule: Apache WP XML-RPC Suspicious User Agent (Rule...
Read more
Case Study - How BitNinja Supports Dreamscape Networks’ Mission
Eniko Toth

Case Study - How BitNinja Supports Dreamscape Networks’ Mission

A few years ago, our web hosting company experienced heavy difficulties with the different kinds of cyberattacks. The things became so bad that we started to lose customers because they obviously perceived the consequences of the vulnerable servers. We couldn’t bear it anymore and decided to take over the control of the cyberwar. That’s how BitNinja was born 5 years ago. Our servers became safe and since then our web hosting company is rapidly growing, but that wasn’t enough for us. We have bigger dreams about a better future, where every server owner can forget all those headaches what we...
Read more
How to secure WP-login
Laszlo Takacs

How to secure WP-login

WordPress is the most known CMS in the world currently (WordPress runs 32% of the entire internet), we hear that it is the easiest CMS to handle, to install and to use. Taking all these information into account, we would think that it is safe as a house. Wrong! It might be easy to use, but for this exact reason, it is easy to hack. As it is free, there are many free plug-ins which are usually not up to date, creating weak points. Hackers always tend to exploit vulnerabilities in Plugins, Themes and WP Core. There are many parts where WordPress should be strengthened, now I would like to hig...
Read more