New Zero-Day Vulnerability on the Horizon Again
Eniko Toth

After the “Hello, Peppa!” zero-day botnet, our Attack Vector Miner detected another zero-day vulnerability. Some vulnerable websites contain an /ept/out.php file, which can work as an open proxy. That’s why the attacker scans for the /ept/out.php file. Let’s see an example: The number of these attacks started to increase on July 11th, and as we can see in the diagram below, the botnet’s activity is slowing down now. During the peak time, we experienced 15.000 attacks per day and most of them tar...

3rd Drupalgeddon alert! How to be protected with BitNinja?
Eniko Toth

Third critical Drupal vulnerability discovered! Those who are running a Drupal website have had no rest over the past few weeks. This is the third time Drupal has recommended updating these sites. While exploring the previous remote code execution (RCE) vulnerability, CVE-2018-7600, the team discovered a new RCE vulnerability (CVE-2018-7602). If you or your customers have Drupal websites and would like to avoid backdoors, cryptocurrency miners and other malware, BitNinja is here to help you! Just make sure your WAF rule #402003 is enabl...

Security by design
Laszlo Takacs

Our team attended CloudFest back in March, where, during the security panel, we attended a presentation about the importance of security by design, an important thing in terms of responsibility, which suggested OWASP as a standard to start with. In this blog post we would like to show why it is important for developers too, not just for security providers. The best way to define it is as an approach to software and hardware development where the main goal is to make a system as free of vulnerabilities and impervious to attack as possible. To achieve this there is a need for a huge amoun...

Serious Drupal vulnerability alert! How to virtual patch it with BitNinja WAF?
Eniko Toth

2 days ago, a serious vulnerability, SA-CORE-2018-002 (CVE-2018-7600), was found in Drupal 6, 7 and 8, which affects over one million websites. All unpatched Drupal sites are in serious danger! An attacker can upload backdoors or malware via this newly discovered vulnerability. The vulnerability is scored 21/25, Highly Critical! Details of the vulnerability: This vulnerability has been categorized as a Highly Critical issue because… With a simple user visit, the hackers can easily leverage the SA-CORE-2018-002. There is no need for special privilege levels. All users or even an...

The preface of digital war - WannaCry
Szabolcs Hegedűs

On 12th May 2017, the biggest cyber attack of recent times happened, and the threat is still present. It started in Europe and within a couple of hours grew into a worldwide virus. The crisis was caused by the WannaCry ransomware and its variants. The virus locks the infected computer and informs the users with an on-screen message. They can only continue to use the PC after paying $300 or $600 in Bitcoin. According to the experts, the device used during the attack was developed by the renowned Shadow Brokers hacker group. The ransomware might have been combined with...

New improvements at BitNinja - HTTPS solution
Nikoletta Szabo

In this article, we would like to summarize our recently released developments, which impact the daily life of our clients. First of all, ... The HTTPS Captcha: If you enable this feature in your agent, BitNinja will be able to present a Captcha on HTTPS. This will make IP removal from our greylist possible with just one click, not only over HTTP but also over HTTPS. What results can be achieved by using it? Fewer complaints from your customers about the failure of removal, resulting in a lower load on your support staff. Lower false-positive rate. How does it work? T...

Holiday Vulnerabilities
Ilona Lebed

This time of the year is always very cheerful. It’s the holiday season; everyone is happy and excited with all the festivities going on. But it’s important to be careful, especially during the holidays and going into the new year. Hackers prey during this time period, when distractions from the season are all around. Hackers need more bots in their botnets around this time of the year, which is why they increase the volume of attacks. This directly impacts web-hosting companies, which is where BitNinja can help – holidays and beyond! Be aware of some of the things that may happen this holiday season...

Ransomware: what is it and why is it dangerous?
Nikolett Hegedüs

Let’s start with the definition. Ransomware is a kind of malware that installs itself onto an unprotected computer, encrypts some files, and asks for a certain amount of money for decryption or to not publish certain sensitive information online. It is called a denial-of-access attack and it can be very frustrating because you know that the files are there but you can’t access them. There are two types of ransomware attacks: Simple ransomware or lockscreen, where the system is locked. The attack is more serious if the files are really encrypted. It is called a file co...

Have you ever forgotten the root password of your server?
Mariann Csorba

We are all human beings and do not work like flawless creatures of artificial intelligence; we are prone to make mistakes and forget things. Sometimes, though, we forget crucial information which might be essential to our daily life, like the root password of our server. For a sysadmin it can be a real disaster if s/he cannot log into the server. What can you do if this happens to you? Follow our easy step-by-step instructions, which will solve this matter. Save this list and you will never have to stress about a lost or forgotten password again. ...


Malware Museum

Nikoletta Szabo
Today’s malware is designed to be silent, unnoticeable and effective without drawing the attention of users to its maleficent activities. It steals our credit card and personal details without us realizing it. However, this was not always the popular way to infect servers/computers. A couple of decades ago viruses usually featured colorful pictures, scrambled codes or even a statement on the corruption of your computer. Mikko Hermanni Hyppönen, a Finnish chief resource officer, has recently collected the viruses from the 1980s and 1990s and put them to...