New Feature is Available: FTP CAPTCHA
Eniko Toth

New Feature is Available: FTP CAPTCHA

We’d like to start this year with a great announcement. Our purpose is to help make your servers safe and your service reliable. Your customers’ satisfaction is as much important for us as it is for you. That’s why we created a brand-new feature in order to make BitNinja more convenient for your users. This new module is called FTP CAPTCHA and it allows your visitors to remove their greylisted IP addresses when an FTP connection is opened. What is the reason behind creating the FTP CAPTCHA? If a greylisted IP wanted to connect to a BitNinja-protected server, the visitor could validate he...
Read more
2018: The Year in Review at BitNinja
Boglarka Angalet

2018: The Year in Review at BitNinja

As we look back now, it is amazing to remember all the things we achieved together and all the threats BitNinja saved us from since the start of the year.  Here’s a five minute summary of what we have been up to in 2018.  Hacker-free new year to everyone! See you in 2019! Thank you for an amazing 2018! First of all, we’d like to say thank you for your engagement and support all around the year. You inspire us to achieve the best security solution available, to develop our community and to deepen our knowledge of every aspect of cybersecurity.  Thanks...
Read more
Goodbye Peppa, Hello January!
Eniko Toth

Goodbye Peppa, Hello January!

A few months ago our Attack Vector Miner discovered a new botnet, that we simply call „Hello Peppa botnet”. Now, this botnet welcomes the new year in a new mask. Specifics of this botnet Its behaviour stayed the same, like what we mentioned in the case of the Hello Peppa: Checks backdoors which remained from a previous infection. Uses the Mozilla/5.0 User Agent The most targeted URLs are: /7788.php /8899.php /9678.php /conflg.php /db.init.php /db__...
Read more
The BitNinja mature WAF module
Nikolett Hegedüs

The BitNinja mature WAF module

Nikolett Hegedüs
We love to talk about our Web Application Firewall (in short: WAF) module, since its’ complete makeover and upgrade. Before the WAF 2.0, we had a previous Web Application Firewall module that’s been completely redesigned: this was the reason why the new WAF module got a brand new name too: it’s called WAFManager now. But you’ll only see the module’s name like this in CLI, because we’re calling it WAF 2.0 most of the time. We put a lot of time and effort into shaping the upgraded, mature WAF module into an asset that is effective and customizable for our users. And why did we...
Read more
WordPress User Enumeration Attack in Focus
Valentin Balint

WordPress User Enumeration Attack in Focus

If you’re a WordPress user, then this following article is a must for you. However, if you are interested in website vulnerabilities and how they can be attacked, and you wish to upgrade your knowledge about them, you’ve also come to the perfect place as well. In this article, we’ll be talking about the user enumeration attack method, and how you can protect against it if you’re a WordPress user. Attack type A hacker can use user enumeration to get access to a specific application or website by getting the credentials—in the first instance, the usernames—through an attack. If the attacke...
Read more
Bitninja for Plesk - New extension for Plesk users
Boglarka Angalet

Bitninja for Plesk - New extension for Plesk users

We are happy to announce the release of our brand-new BitNinja Plesk extension. From now on, Plesk customers can get all the advantages and secure their Linux servers much easier from their Plesk panel. The BitNinja Plesk Extension gives you real-time protection against a wide range of threats without the need of any configuration and long hours of work. Scheduled reports, automatic false positive handling and threat analysis for more in-depth review are the cherry on top for analytical minds. Within the BitNinja Extension, it's getting more comfortable for Plesk users to in...
Read more
Became More Secure Than Other Hosting Companies: Case Study with FastComet
Eniko Toth

Became More Secure Than Other Hosting Companies: Case Study with FastComet

FastComet is one of the trendiest web hosting companies these days. They have more than 45,000 customers from 83 countries, over nine years of experience in system administration, and they’ve been providing public cloud hosting services since 2013. FastComet has a very high rating on HostAdvice, thanks to their high reliability, excellent 24/7 support, affordable pricing, easy usability, and fantastic features. FastComet joined our Ninja Community in 2017 and we are delighted that since then they’ve become one of our biggest partners. Now, it’s time to share the story about how BitNinja bro...
Read more
New BitNinja WAF Rules to Protect Against RCE Attacks
Eniko Toth

New BitNinja WAF Rules to Protect Against RCE Attacks

Your server’s safety is the number one priority for us, that’s why we have created two new BitNinja WAF rules which are already part of the safe minimum ruleset. They grant protection against the following vulnerabilities: Magento Remote Execution Protection Those who are using Magento and didn't apply the patch are vulnerable to RCE (remote code execution) attacks. By targeting the “Cms_Wysiwyg” controller, the attacker can take over the site and gain information such as customers’ credit card details. BitNinja will block requests sent to this controller which contain exact para...
Read more
The Most Famous Vulnerabilities – Remote Code Execution (RCE)
Jozsef Konnyu

The Most Famous Vulnerabilities – Remote Code Execution (RCE)

If someone wants to use a server resource or take control of the server in some way or wants to steal data, then he does it via remote code execution vulnerability. What is Remote Code Execution? This vulnerability triggers in so many ways, but in most cases, it is possible via the following methods. •Untreated inputs •Untreated file uploads We talk about an untreated input when there is little validation on the server side or none at all. For example, we have a server control panel, and we have an input on it, where we can add commands which will run directly on the server. In...
Read more
Using server security scanners besides BitNinja: consequences, solutions
József Pálfi

Using server security scanners besides BitNinja: consequences, solutions

There are tons of paid/free cloud-based solutions or standalone applications available over the internet that allow the user to check a system’s security level. Depending on the need, people can choose from simple nmap through “blackbox” security assessment tools to a wide range of heavy-weight penetration testing tools. Our approach Here at BitNinja we think that security testing is the given organization’s responsibility. They should create a security-testing strategy and keep it up to date (often with help of an external partner, but it is very important that this is with the responsi...
Read more