Hack Your Business - 8 KPIs instantly improved by BitNinja
George Egri

Hack Your Business - 8 KPIs instantly improved by BitNinja

I was about to outline the most important conclusions - in terms of results and values what we can give, after participating in the 100th user interview this month at BitNinja. Although many of our partners have been happy to see how BitNinja transformed their server security, yet they are still surprised when they experience the positive side-effects that BitNinja has on their KPIs. I know exactly how hard it is to choose the right vendor when it comes to security with over sixteen years of experience in web hosting behind me. Also, I know that you want to make sure about the outcome...
Read more
WordPress Hosting Protected by BitNinja - Case Study with Mijn Websitehosting
Boglarka Angalet

WordPress Hosting Protected by BitNinja - Case Study with Mijn Websitehosting

WordPress is by far the most popular CMS today. However, this popularity has an unfortunate side effect of also making WordPress sites extremely exposed to potential attacks. It means quite a huge challenge to web hosting providers to keep the hackers out of their business. Fortunately, this task is not impossible.   https://kinsta.com Our great partner, Mijn Websitehosting has over 14 years of expertise in this field and chose BitNinja to help them successfully protect their customers.  Read on to learn about their struggles, before they stepped on the road...
Read more
(D)DoS attack - How does it work and how will BitNinja stop it?
Nikolett Hegedüs

(D)DoS attack - How does it work and how will BitNinja stop it?

100% server uptime... Every hosting company is dreaming about it as nowadays when there are countless service providers, customers will choose the one which grants reliability. What happens when a website is inaccessible? It’s always painful for the website owner, the visitors and for the hosting company. There could be many reasons behind it, but maybe the most annoying is when it happens because of a DoS attack. What is DoS? DoS stands for Denial of Service: it’s a type of attack that could render web servers unresponsive - meaning they won’t be able to serve HTTP requests. So users ca...
Read more
Troubleshooting - Manually or Automated?
Boglarka Angalet

Troubleshooting - Manually or Automated?

Time is a limited resource for all IT teams. They must be quick, effective and focused on the right goals. However, when the house is burning - let’s say hackers infected your servers, often you have to throw your projects away and start fire fighting to prevent further damage. But are you? Shouldn’t a server security software do all this instead of long hours of manual work? Hacked servers = Losing business 87% of unhappy customers won’t complain to you about any problem with their websites or servers. They just stop doing business with you and move on to your competitors. Confrontat...
Read more
The Most Famous Vulnerabilities - Cross-Site Scripting (XSS)
Jozsef Konnyu

The Most Famous Vulnerabilities - Cross-Site Scripting (XSS)

It’s been a while since I wrote the previous episode of my blog series. If you are interested in Remote Code Execution, then I definitely recommend reading the previous part. So, here we are again, the moment has come for my final article about cross-site scripting (XSS). What is Cross-Site Scripting (XSS)? Usually, XSS vulnerability occurs when there are untreated inputs and bad cookie usage. So, please let me tell you about a case that happened in 2005 on Myspace. A MySpace user found an XSS vulnerability on the site, and he wrote a payload called „Samy Worm.” This payload was a...
Read more
BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)
Eniko Toth

BitNinja WAF protects against the latest Drupal vulnerability (CVE-2019-6340)

The social media and the cybersecurity sites were blowing up when Drupal published their latest vulnerability (SA-CORE-2019-003). It’s not a surprise that this remote code execution vulnerability got a highly critical label, as hackers could easily hack your Drupal 8 websites. But BitNinja users shouldn’t have to worry for any minute, as they were protected by our WAF from the very beginning of this RCE flaw. We have already seen some attempts caught by the rule 933170, so hackers didn’t wait a lot to exploit the CVE-2019-6340. How are hackers trying to exploit the latest Drupal vulnerab...
Read more
GXHLGSL.txt file uploader botnet –Discovered by BitNinja FtpCaptcha
Eniko Toth

GXHLGSL.txt file uploader botnet –Discovered by BitNinja FtpCaptcha

At the beginning of the year we released our brand-new FtpCaptcha module, and of course, we were so excited about receiving the first incidents. However, we didn’t think that the very first logs will be such eye-catching. We detected a not so well-known botnet, and we didn’t find an article about it (only a few forum topics), so we summarized everything that you need to know about it. Test the ability to upload a file This botnet is trying to upload a file named GXHLGSL.txt, which contains only this: TEST. If it was a vulnerability scanner, there would provide some description about it o...
Read more
Botnet renewal – Here is the February botnet
Eniko Toth

Botnet renewal – Here is the February botnet

Do you remember the new version of the Hello Peppa botnet? At the end of 2018, it was welcomed into 2019 slightly early, and the January botnet started to spread. Well, it wouldn’t be funny, if the botnet would still send the „J4nur4ry” in the Post Data when we are already over January… So, here is the February botnet! Despite the January botnet, this one was accurate and started on 1st February. The pike was on the next day, as you can see it from the chart below.   After that, it looked like it moved back, but on 17th Feb there was another pike. Let’s look closely to o...
Read more
News from Threat Lab: 4+1 New SenseLog rules have been created
Eniko Toth

News from Threat Lab: 4+1 New SenseLog rules have been created

The new year inspired us and brought new vibes to our office. Our tech ninjas are developing several new badass features. Besides the new features, we are also improving our existing modules as well. Last week, the SenseLog module became enriched with 4 new rules and another rule has been updated. Here is a list of them: 1. Apache Magento Downloader (Rule ID: 80_1_021) 2. Apache WP Login Deprecated Firefox User Agents (Rule ID: 80_1_022) 3. Plesk Login Fail (Rule ID: 8443_1_001) 4. LFD Blocked (Rule ID: lfd_1_001) +1  Updated rule: Apache WP XML-RPC Suspicious User Agent (Rule...
Read more
How to secure WP-login
Laszlo Takacs

How to secure WP-login

WordPress is the most known CMS in the world currently (WordPress runs 32% of the entire internet), we hear that it is the easiest CMS to handle, to install and to use. Taking all these information into account, we would think that it is safe as a house. Wrong! It might be easy to use, but for this exact reason, it is easy to hack. As it is free, there are many free plug-ins which are usually not up to date, creating weak points. Hackers always tend to exploit vulnerabilities in Plugins, Themes and WP Core. There are many parts where WordPress should be strengthened, now I would like to hig...
Read more