How botnets expand and how to protect against them
George Egri

How botnets expand and how to protect against them

A botnet is a group of infected computers (aka bots or zombie machines) controlled by a hacker, the botmaster. Botnets are a major threat for every server. They are the fundamentals of the cybercrime in the dark industry of hackers. Zombie machines can be personal computers, mobile devices or even servers. Today we will focus on botnets formed by infected linux servers. Server based botnets are especially valuable for the bad guys as servers have typically high amount of various resources like cpu, memory, and what is the most important, internet bandwidth with trusted and in many cases unr...
Read more
Best of 2019 – The 15 Most-Read Cybersecurity News
Eniko Toth

Best of 2019 – The 15 Most-Read Cybersecurity News

Hackers and cyberattack techniques are evolving every day. Hosting companies and every server owner should keep an eye on the cybersecurity news to prepare themselves and protect their systems against the new types of threats. That’s why BitNinja collects the hottest cybersecurity news and sends out a Cybersecurity Digest each month. Now, we’ve summarized the Top 15 articles from 2019 that our readers loved the most. Here is the list: 1. Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers On the 10th of August at the DevConf, a Turkish researcher revealed a z...
Read more
Case study - Swiss Web Hosting Company Protected by BitNinja
Eniko Toth

Case study - Swiss Web Hosting Company Protected by BitNinja

Ganesh Hosting is one of our oldest customers, who are with us from the very beginning. A few years ago, we asked them about their experience and created this case study. It was available only for our reseller partners but now we would like to share it with the publicity.   The company Ganesh Hosting is a Swiss web hosting company, based in the charming city of Vevey. They provide various hosting solutions (VPS, dedicated, cloud) with more than 20 years of experience behind their team.  Having established partners like Morand Distillery and GroupeMutuel, quality is never con...
Read more
Recently discovered Hexa botnet is targeting WordPress hosts
Eniko Toth

Recently discovered Hexa botnet is targeting WordPress hosts

There is a huge demand for buying botnets on the Dark Web, so it’s not a surprise that new kinds of botnets appear from time to time in order to meet the needs of the cybergangs. Of course, there are some old but constantly attacking botnets, like the most popular Mirai botnet or the Hello Peppa botnet which was discovered and named by us. However, we’d like to show you a new botnet, that we haven’t talked about yet. This is the Hexa botnet. Discovery of the Hexa botnet Back in March, we introduced our new security module, the Defense Robot . It was a pleasure to us that we coul...
Read more
BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)
Eniko Toth

BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)

The social media and the cybersecurity sites were blowing up when Drupal published their latest vulnerability (SA-CORE-2019-003). It’s not a surprise that this remote code execution vulnerability got a highly critical label, as hackers could easily hack your Drupal 8 websites. But BitNinja users shouldn’t have to worry for any minute, as they were protected by our WAF from the very beginning of this RCE flaw. We have already seen some attempts caught by the rule 933170, so hackers didn’t wait a lot to exploit the CVE-2019-6340. How are hackers trying to exploit the latest Drupal vulnerab...
Read more
The Most Famous Vulnerabilities – Remote Code Execution (RCE)
Jozsef Konnyu

The Most Famous Vulnerabilities – Remote Code Execution (RCE)

If someone wants to use a server resource or take control of the server in some way or wants to steal data, then he does it via remote code execution vulnerability. What is Remote Code Execution? This vulnerability triggers in so many ways, but in most cases, it is possible via the following methods. •Untreated inputs •Untreated file uploads We talk about an untreated input when there is little validation on the server side or none at all. For example, we have a server control panel, and we have an input on it, where we can add commands which will run directly on the server. In...
Read more
Watch the new WAF in action
Eniko Toth

Watch the new WAF in action

The beta version of WAF 2.0 is performing much better than we expected. The feedback we’ve been receiving about it is truly fascinating. More and more people are realizing just how powerful this module is. It’s already – effectively protecting – hundreds of servers against SQL injections, XSS attacks, command injections, directory traversal, data leakage and various other types of attacks. Now, we’d like to take the opportunity to show you a 5-minute video that demonstrates how the WAF 2.0 works in real time. Already using this module? That’s great! But maybe we can show...
Read more
Web Application Firewalls: Choosing the Right WAF for Server Security
Anita Batari

Web Application Firewalls: Choosing the Right WAF for Server Security

Web applications pose a significant security risk to servers, and having a web application firewall (WAF) in place is vital to keeping your servers and your business running smoothly. The average web server faces thousands of attacks on a daily basis. There are a number of web application firewalls available to protect your server, and having the right security in place can mean the difference between just another “day at the office” and a dozen “sleepless nights” trying to maintain your servers’ uptime. Let’s take a look at why having a WAF is so important, how it works, and the op...
Read more
Shared hosting provider with 7,000 customers had 0 infections over the past  7 days
George Egri

Shared hosting provider with 7,000 customers had 0 infections over the past 7 days

Our Hungarian web hosting partner, web-server.hu had ZERO website infections – since enabling BitNinja’s new WAF 2.0 module. We caught up with the lead sysadmin to talk to him about his experience with BitNinja. What has been your experience with BitNinja overall? “Before we began using  BitNinja, we had to fight daily battles with hackers. Infected Wordpress, Joomla, Drupal and other accounts were the most commonly affected platforms. Because of the continuous battle with infections and DoS attacks, we hardly had any time left for servers and for development. Since we started using...
Read more

CryptoPHP – stop it with BitNinja

Boglarka Angalet
We have terrific news again: BitNinja is able to directly fight against CryptoPHP malware. But what is this backdoor? And what does it do with your servers? Find out from our blog. What is CryptoPHP? CryptoPHP is a backdoor used for spamming and illegal search engine optimization (blackhat SEO) actions. This script provides remote control to servers for hackers, who can control them through command-and-control (CnC) server communication, mail communication or manual control.   How it works After being installed, it provides access to the web server and hackers become a...
Read more