dremeda
12 years ago @ Naked Security - Large US hosting provi... · 2 replies · +1 points
In this specific case, I'd be willing to bet the vector had something to do with directory traversal in multi-domain accounts, and/or FTP user issues.
This is most likely how it started spreading, and then used outdated, known to be exploited versions of WordPress (& other software) to exploit, infect, and reinfect.
12 years ago @ 9seeds, LLC - OMG, we're a year old! · 0 replies · +1 points
I'm looking forward to WordCamp Las Vegas action in a few weeks, and some Fizzy Pops sprinkled in the mix!
Cheers,
Dre
12 years ago @ Sucuri Security - GoDaddy hacked - Fixin... · 0 replies · +3 points
This is the fundamental awareness issue hosts like GoDaddy don't get. You mass market about awesome hosting, but you sure don't share the same emphasis and passion around educating non-technical people about the inherent security risks involved with hosting and managing a website securely.
Quit with the scripted replies and get realistic. You're devaluing your customers by explicitly publishing inaccurate attack information. Who are you fooling? Lastly, continually blaming customers after the fact is not going to earn you brownie points either.
More reason for standards around security controls, information security awareness, and remediation practices in the web hosting world. It would benefit consumers and hosting providers alike.
Regards,
Dre Armeda
Sucuri Security
My recent post GoDaddy hacked – Fixing the “headers already sent” error
12 years ago @ Sucuri Security - GoDaddy sites hacked -... · 0 replies · +1 points
Enjoy your weekend!
Dre Armeda
Sucuri Security
My recent post GoDaddy sites hacked – myblindstudioinfoonlinecom and Hilary Kneber
12 years ago @ Sucuri Security - GoDaddy sites hacked -... · 3 replies · +1 points
Thanks,
Dre Armeda
Sucuri Security
My recent post GoDaddy sites hacked – myblindstudioinfoonlinecom and Hilary Kneber
12 years ago @ Sucuri Security - GoDaddy sites hacked -... · 0 replies · +1 points
I think the point that needs to be made is that this type of stuff happens. The problem we see across the industry is disclosure and resolution practices differ and in some cases fail tremendously.
Security controls, mitigation, and remediation practices need to be standardized across the hosting industry to provide a minimum level of protection to end users across the spectrum of mass marketed products you see advertised.
We do not give hosting recommendations here at Sucuri, but a bit of Google research will net great results on the WordPress-ready hosting services who seem to best mitigate risks.
Hope that helps!
Dre Armeda
Sucuri Security
My recent post GoDaddy sites hacked – myblindstudioinfoonlinecom and Hilary Kneber
12 years ago @ Sucuri Security - GoDaddy sites hacked -... · 3 replies · +3 points
Thanks,
Dre Armeda
Sucuri Security
My recent post GoDaddy sites hacked – myblindstudioinfoonlinecom and Hilary Kneber
12 years ago @ Sucuri Security - Gmail blacklisted by S... · 0 replies · +2 points
My recent post Gmail blacklisted by Spamhaus
12 years ago @ Sucuri Security - Pharma hack and their ... · 0 replies · +1 points
Thanks.
My recent post Pharma hack and their C&C Command & control server
12 years ago @ Sucuri Security - Pharma hack and their ... · 1 reply · +1 points
The idea here is to try and explain what is going on as we get more details. If we can get out (specifically to hosting providers) information which leads to killing this thing off, or at minimum slowing it down, then we're on the right track. For now, we'll continue posting relevant information as often as possible.
Hope this helps.
Dre