Slack Integration - Create your own BitNinja alerts
Boglarka Angalet

Slack Integration - Create your own BitNinja alerts

Back in October, we collected your feedback about our upcoming chat integration. As 59% of you asked for notification options for Slack to ease your daily job, we started working on that soon and here we come with the result. We're happy to announce BitNinja's Slack integration! We know every team works with a handful of systems on a daily basis and you don’t always have the time to check if anything happened at the BitNinja Dashboard. But now you can receive notifications to your Slack workspace and channels about important security events happening on your servers. With...
Read more
Manual Malware Scan – It's now available on the Dashboard
Eniko Toth

Manual Malware Scan – It's now available on the Dashboard

As a server owner, have you ever had an experience where one or more of the websites hosted by you were reported as a phishing website? Another common issue to get blacklisted on different lists or getting abuse reports which inform you that your servers are attacking other nodes. Perhaps this fact that we’re telling you isn’t new, which is the source of the outgoing attacks is an infection. A lot of hosting providers are frightened when they hear the word „malware,” and they have the reason for getting afraid. Malware is in the spotlight ELK Cloner was the very first malware (previou...
Read more
New security feature against phishing sites
Boglarka Angalet

New security feature against phishing sites

Cybercriminals can easily attempt to break into shared hosting environments to use their resources for different types of attacks. Phishing is one of the most irritating forms, where the provider, the website owner and all of their visitors are affected. These attacks also highlight the responsibility of hosting providers, and that’s why we have just launched BitNinja’s new anti-phishing feature, to give a new weapon in your hands for fighting the hackers. Why phishing? Phishing is quite an old-school hacker technique, which seems to never go out of fashion. Since the technique simply...
Read more
Defense Robot – The breakthrough innovation for the cybersecurity market
Eniko Toth

Defense Robot – The breakthrough innovation for the cybersecurity market

Are you tired of the never-ending malware infections? Would you like to get rid of the nightmare of the long hours spent troubleshooting? Do you still seem to get repeatedly infected regardless of how often you make malware removals? It’s enough of the reactive protection! The old way What would usually happen when a server became infected? People had to buy special security tools, which had really high prices to find malware. If it succeeded, the sysadmins had to spend plenty of hours (or in worse cases several days) to remove the malware. The other option was to pay for someone to do t...
Read more
How to secure WP-login
Laszlo Takacs

How to secure WP-login

WordPress is the most known CMS in the world currently (WordPress runs 32% of the entire internet), we hear that it is the easiest CMS to handle, to install and to use. Taking all these information into account, we would think that it is safe as a house. Wrong! It might be easy to use, but for this exact reason, it is easy to hack. As it is free, there are many free plug-ins which are usually not up to date, creating weak points. Hackers always tend to exploit vulnerabilities in Plugins, Themes and WP Core. There are many parts where WordPress should be strengthened, now I would like to hig...
Read more
2018: The Year in Review at BitNinja
Boglarka Angalet

2018: The Year in Review at BitNinja

As we look back now, it is amazing to remember all the things we achieved together and all the threats BitNinja saved us from since the start of the year.  Here’s a five minute summary of what we have been up to in 2018.  Hacker-free new year to everyone! See you in 2019! Thank you for an amazing 2018! First of all, we’d like to say thank you for your engagement and support all around the year. You inspire us to achieve the best security solution available, to develop our community and to deepen our knowledge of every aspect of cybersecurity.  Thanks...
Read more
How to protect your web hosting business during the holiday season attack wave
Boglarka Angalet

How to protect your web hosting business during the holiday season attack wave

For devops in the web hosting business, holiday season is not exactly the most wonderful time of the year. If you’ve ever sneaked out from Christmas dinner to check on your servers’ status, or been woken up by attack alerts when only Santa Claus is supposed to be awake, you know what I mean. The Rise of Holiday Hacking Holiday season is peak period for cyber attacks, and we’ve written about it several times. But we’re not the only ones analyzing historical data and finding any indication of what’s to come. Just taking a look at last year, The SSL Store predicted over 50 millio...
Read more
Classification of malware
Eniko Toth

Classification of malware

The current world war isn’t happening in the physical world. However, cyber attacks have stepped into the foreground, and blackhat hackers can gain millions with their targeted attacks. Their main weapon in this war: malware. In this article, we’ll diversify the different types of malware so that you can better understand their behaviour. There are many ways in which malware can be categorized, but now we’d like to introduce Christopher C. Elisan's classifications from his book, Malware, Rootkits & Botnets. 1.Infectors Infectors have a very important limitation: they can only sprea...
Read more
New Zero-Day Vulnerability on the Horizon Again
Eniko Toth

New Zero-Day Vulnerability on the Horizon Again

After the “Hello, Peppa!”  zero-day botnet, our Attack Vector Miner detected another zero-day vulnerability.  Some vulnerable websites contain an /ept/out.php file, which can work as an open proxy. That’s why the attacker scans the /ept/out.php file. Let’s see an example:  The number of these attacks started to increase on July 11th, and as we can see in the diagram below, the botnet’s activity is slowing down now.  During the peak time, we experienced 15.000 attacks per day and most of them tar...
Read more
3rd Drupalgeddon alert! How to be protected with BitNinja?
Eniko Toth

3rd Drupalgeddon alert! How to be protected with BitNinja?

Third critical Drupal vulnerability discovered!!! Those who are running a Drupal website couldn’t have a rest over the past few weeks. This is the third time when Drupal recommends to update these sites. During exploring the previous remote code execution (RCE) vulnerability, the CVE-2018-7600, the team discovered a new RCE vulnerability (CVE-2018-7602). If  you or your customers have Drupal websites and would like to avoid  backdoors, cryptocurrency miners and other malwares, BitNinja is here to  help you! Just make sure your WAF rule #402003 is enabl...
Read more