(Apr 24) An update for PackageKit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Apr 24) An update for librelp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
This is a brief intro for how we analyze malware we find on infected websites. What is it? What does it look like? And more importantly – How do we proceed with an infected website?
The difference between client-side and server-side malware
There are two types of malicious code found on websites:
- Client-side malicious scripts and
- Server-side malicious scripts
Client-side malicious scripts
Malicious HTML or JavaScript injected into files or into the HTML source. These scripts can do any of the following:
- Attack visitors
- Redirect them to infected or advertising pages
- Launch crypto-miners
- Spy on users
- Popup adware
- Inject black-hat SEO links
Generally, you can easily spot client-side malware in HTML source code, because its malicious behavior makes it quite obvious. You can even find it automatically with specialized online malware scanners, like Rescan.
Unfortunately, this type of malware is just the tip of the iceberg. Because the root cause hides in the server-side scripts.
Server-side malicious scripts
A large subset of malware, usually represented by the following:
- Hacker’s backdoors and web-shells
- Mailing scripts
- Phishing malware and spyware
- Uploaders and droppers
- Bruteforcers
- Doorway pages, phishing pages
- Hidden redirects injected in scripts
- Blackhat SEO links injected into database and PHP
Malware Types
Let’s now look at this brief overview of different kinds of Malware that we know of.
Backdoor
A small piece of code (often a single line) which hackers use to hijack a website and take full control over it. Usually, attackers use backdoors to deliver payloads or more functional web-shell scripts.

Hacker’s web-shell
A hacker’s “control center”. It allows a hacker to execute commands manually via Web UI or remotely on a compromised website. For example, by getting a folder listing, creating/removing/editing files, executing SQL commands, getting server configuration, and more.


Mailing script
A script with the intent to send out spam using some mailing list that the hacker creates. The mailing script automates spam mail-sending, including phishing emails and emails with malicious attachments (trojans).

Spyware
A script or an injection in the legitimate scripts which intercepts and gathers sensitive data, such as login/password or credit cards, and sends it to the hacker directly.
Dropper
This script delivers malicious files (usually web-shells) to a server, or uploads them into some folder on the website. It acts as a “transport” for backdoors and web-shells. Often, it combines a backdoor’s functionality with an uploader’s.

Hacker’s tools
Basically a whole bunch of different scripts and macros that automate a hacker’s activity. We’re talking brute-forcing passwords, attacking other web resources, remotely injecting virus code, defacing websites, and more.
Where do you find site malware?
You’ll locate the vast majority of server-side malware in a website folder structure – usually under upload/tmp/backup/images folders, which are writeable. Or injected at the beginning or at the end of a legitimate script.
Server-side malware mimics the legitimate scripts of the website to hide the evil code from webmasters. Moreover, server-side malware is obfuscated via encoding in order to become invisible to antiviruses.
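As an added example (not code from the original post or from Revisium), here is a minimal Python heuristic for the hiding places described above: scripts sitting in writable folders, and encoded code at the start or end of a file. The folder set comes from the article; the `.php`/`.phtml` extensions, the regexes, the 200-character threshold and the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

WRITABLE_DIRS = {"upload", "tmp", "backup", "images"}  # folders named in the article
SCRIPT_EXT = {".php", ".phtml"}                        # assumption: a PHP site
# Assumption: decoded data passed straight to an executing construct.
DECODE_EXEC = re.compile(
    r"\b(?:eval|assert)\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)
BLOB = re.compile(r"[A-Za-z0-9+/=]{200,}")             # long base64-looking run

def scan_file(path, root):
    """Return the reasons why this script deserves manual review."""
    reasons = []
    rel_dirs = {p.lower() for p in path.relative_to(root).parts[:-1]}
    if rel_dirs & WRITABLE_DIRS:
        reasons.append("script in writable folder")
    text = path.read_text(errors="replace")
    if DECODE_EXEC.search(text):
        reasons.append("executes decoded data")
    lines = [l for l in text.splitlines() if l.strip()]
    # Injections are typically prepended or appended to a legitimate script.
    if lines and any(BLOB.search(l) for l in (lines[0], lines[-1])):
        reasons.append("encoded blob on first/last line")
    return reasons

def scan_tree(root):
    root = Path(root)
    findings = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in SCRIPT_EXT:
            reasons = scan_file(path, root)
            if reasons:
                findings[path.relative_to(root).as_posix()] = reasons
    return findings

def build_sample_site(root):
    """Constructed sample tree; the 'payloads' are inert placeholder strings."""
    root = Path(root)
    (root / "images").mkdir(parents=True)
    (root / "index.php").write_text("<?php\necho 'hello';\n")
    (root / "images" / "thumb.php").write_text("<?php\necho 'thumb';\n")
    (root / "footer.php").write_text(
        "<?php\necho 'footer';\n?>\n<?php $x = '" + "QUJD" * 60 + "'; ?>\n")
    (root / "lib.php").write_text("<?php eval(base64_decode('ZWNobyAxOw==')); ?>\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        for name, why in scan_tree(build_sample_site(d)).items():
            print(name, "->", ", ".join(why))
```

Hits are leads for manual review, not verdicts: legitimate plugins sometimes ship scripts in image folders or embed long encoded strings.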
Common dangers of site malware
We must admit that most compromised websites have a similar subset of malware. There are usually several types of backdoors, a web-shell, a mailing script and payloads, phishing pages, crypto-miners or doorways.
And actually, web-shells and backdoors don’t threaten the website until they are used. The hacker needs these types of malicious scripts to manage a compromised website: to run other malicious scripts, upload phishing pages, inject spyware, collect sensitive info, and so on. But the final goal is to use web hosting resources to steal or make money.
It may sound odd, but a hacker doesn’t need a compromised website itself. However, they do need cheap hosting resources. Ultimately, the majority of websites hacked via automated untargeted attacks are used as a place to host malicious files and scripts, or to send out spam.
For example, you can observe the following evil instances on hacked websites.
- phishing pages that steal credit cards, bank accounts, PayPal, Google and Apple ID accounts – collecting and using this data in order to steal money and other sensitive info;
- spam that attempts to send out banking trojans;
- crypto-currency miners, such as Monero Miner (both server-side and client-side), to make money on 3rd party resources;
- hidden redirects of visitors’ mobiles and search engines to malicious or promo websites – in order to infect visitors or cash out of digital subscriptions.
What are the consequences of site malware activity?
All this malicious activity on a website may lead to the hosting provider blocking the account or VPS, because it affects hosting security and their reputation. That’s why it’s very important to identify the threat and malware ASAP. So, keep an eye on your website files and pages for danger flags.
Consider that you can’t detect server-side malware with online malware scanners, because the only thing they can access is a web page’s HTML code, not the infected server-side scripts. That’s the reason website administrators have to scan website files on hosting for backdoors, web-shells and other types of malware.
How can you detect server-side malicious scripts?
In order to identify server-side malware, you should regularly scan your websites with antivirus software. This, however, doesn’t mean that desktop antiviruses alone are suitable to scan and clean sites. They only know a small amount of website-specific malware – usually, less than 30% of the actual threats out there – and thus are inefficient at cleaning up web hosting.
This means that it’s important to use a specific type of antivirus software, designed for web hosting. Let’s list the required features that a modern antivirus for sites has to have.
- Firstly, it has to be intelligent, which means it
  - is capable of decoding and decrypting malware,
  - has a heuristic approach to identifying the newest malicious scripts and injections which have not yet been added to the malware database.
- Secondly, it has to be capable of monitoring website infection and of notifying users instantly.
- Third, it has to have an exhaustive malware database that detects every single malicious entry on the website.
And finally – the good news! Now, Plesk Onyx, the control panel for web hosters, has an effective solution to scan websites for malware.
The Revisium Antivirus Extension on Plesk
The Revisium Antivirus extension was released at the end of 2017. The antivirus core is a scanning engine (AI-BOLIT) which Revisium web security experts have evolved and improved over the last 5 years.
And moreover, many hosting providers have been using it as their main scanning tool for websites. Will you be one of them?
The post Hidden Website Threats: How to deal with Site Malware appeared first on Plesk.
May 27, 2018 is the 15th anniversary of the first WordPress release — and we can’t wait to celebrate!

Party time!
Join WordPress fans all over the world in celebrating the 15th Anniversary of WordPress by throwing your own party! Here’s how you can join in the fun:
- Check the WordPress 15th Anniversary website to see if there’s a party already planned for your town. If there is, RSVP for the party and invite your friends!
- If there isn’t, then pick a place to go where a bunch of people can be merry — a park, a pub, a backyard; any family-friendly venue will do!
- List your party with your local WordPress meetup group (Don’t have a group? Start one!) and then spread the word to other local meetups, tech groups, press, etc and get people to say they’ll come to your party.
- Request some special 15th anniversary WordPress swag (no later than April 27, please, so we have time to ship it to you).
- Have party attendees post photos, videos, and the like with the #WP15 hashtag, and check out the social media stream to see how the rest of the world is sharing and celebrating.
Don’t miss this chance to participate in a global celebration of WordPress!
Special Swag
In honor of the 15th anniversary, we’ve added some special 15th anniversary items in the swag store — you can use the offer code CELEBRATEWP15 to take 15% off this (and any other WordPress swag you buy), all the way through the end of 2018!
Keep checking the swag store, because we’ll be adding more swag over the next few weeks!
Share the fun
However you celebrate the WordPress 15th anniversary — with a party, with commemorative swag, by telling the world what WordPress means to you — remember to use the #WP15 hashtag to share it! And don’t forget to check the stream of WordPress 15th anniversary posts.
When 30% of the internet has a reason to celebrate, you know it’s going to be great!
Dev Spotlight: Felix Arntz on Coding and Contributing to the WordPress Core
After Felix Arntz gave his latest speech at WCLDN regarding contributing to the WordPress Core, I sat down with him, mostly to chat about what keeps him going. He’s a freelance backend developer, based in Germany. And for many years, he’s been implementing client solutions and plugins that mainly focus on Multisite environments.
This month, Yoast started sponsoring him part-time to contribute to the WordPress Core. Which lets him spend even more time coding for the open-source-project he’s deeply committed to. Besides this, you’ll also find him involved in Multisite, Capabilities and Post Thumbnails. Moreover, he writes plugins and libraries, focusing on developing clean and sustainable solutions. Here’s what we learned from Felix last weekend.
Felix Arntz Q&A
WordPress is free for us and allows us not only to publish content but also to make a living out of it. And even get in touch with awesome people from all over the world. It’s important to give something back in whatever dimension that’s possible for you, as an individual, in whatever area works best for you.
Definitely overcoming the feelings about being “rejected”. For example, when people closed tickets I opened or didn’t accept my suggestions. It’s important to step back and ask yourself why this makes you feel frustrated.
Maybe this won’t make a lot of sense to you. But when you write a unit test in WordPress, you don’t need to clean up after yourself. Because WordPress does it for you. It’s not very well-documented, so a lot of people don’t know – unfortunately.
They clean up after themselves and write tons of additional code which is absolutely unnecessary. It’s not important because it doesn’t break anything. But it just kind of bugs me. Yes, a useless thing, which bugs me. (laughing).
Patience. At first, I was very annoyed because many things took a lot of time. I was like, “come on, it’s not that hard to fix!” But when I got my committer access to WordPress core and did my first commit, that was the moment when it clicked.
I was kind of anxious when I was about to hit the “Enter” button for the very first time. Did I do everything right? Would my decision break WordPress? I know my colleagues have similar attitudes too.
Everybody wants to be 100% sure the code they’ll commit will work – and not break anything. I understood then why (good) things may take time and why not everything I had pushed for previously got merged as quickly as I wanted it to.
That’s a very easy question: going to my first WordCamp! One of the best decisions I ever made, to be honest. In my talk I said I regret that I didn’t do that 2 years earlier.
However, it was definitely outside of my comfort zone, because I wouldn’t say I was much of a people person. I didn’t know anybody. But it immediately worked for me. I already met the first cool people of this community on the plane – which was amazing! (laughter).
I really like Sublime Text, which I use as a code editor. It’s a very basic tool but I love how fast it is. This is way more important to me than additional features other editors would provide me with. Well, I argue about that sometimes with people. (Laughter).
WP Query Monitor is a great Developer Tools panel for WordPress. And then some automation tools like Gulp and a lot of testing tools. If I counted them all, it would take us some time. (Laughter)
Coding standards and well, design patterns. Basically more abstractions in the code base. And making it maintainable. Because to be honest, maintaining it is terrible at the moment.
I’ve been holding off learning JavaScript for some time now. Even if my focus is PHP, and if it will probably stay that way, I still really wanna learn and understand JavaScript. And enable myself to create some cool stuff in Gutenberg. And maybe help out in the Gutenberg team at some point.
I didn’t start learning it yet, but I definitely will! Now that we’re talking, I seriously think I’m gonna start tomorrow by learning React and then dive into Gutenberg. (Laughter)
I decided not to go down the business road. Because I love coding. And when you run a business, you do this part that you really enjoy less and less. I just wanna code (Laughter)
I’ve been a freelancer for some years now and I try to automate my workflow as much as possible. So I think I would probably use any tool that would help me doing so. Why not a server management platform like Plesk? I must confess, that I haven’t used Plesk’s control panel so far. And I don’t know that much about it. But that’s nothing we can’t change!
Lots of things music-related: listening, writing and producing music, playing the piano, going to concerts. And I love playing soccer. Oh and of course – travelling the world with WordCamps!
Catch Felix’s WCLDN Talk on WP Core if you’ve missed it
You can very well get familiar with the technical bits of WordPress core contribution during a WP Contributor Day. But you don’t normally get deep insights if you’re interested in finding your spot in a core contributor team.
Carole Olinger introducing #WCLDN in Track B of Metropolitan University https://t.co/lgTmv549IG
— Saskia Lund (@SaskiaLund) April 14, 2018
Felix’s talk is for those who want to contribute as efficiently as possible and deal with roadblocks with less frustration. He showcases the benefits of contributing, recommends how to build trust, and gives insights on which traits are particularly valuable to have. It’s more than just code-writing. It’s building long-term relationships and making significant impacts. WPTV Talk coming soon! Meanwhile, check these slides here.
The post Dev Spotlight: Felix Arntz on Coding and Contributing to the WordPress Core appeared first on Plesk.