The most common CMS attack types
Daniel Mecsei

The most common CMS attack types

Nowadays, the Internet plays a huge part in our lives. It gets bigger and bigger every day, now it has more than one billion websites. Most of these sites are built with CMS which stands for Content Management System. It is a tool that provides an easy-to-use method for users without any programming skills in creating websites. The most common CMSs are written in PHP because most shared-hosting providers only provide this way to share/operate your website with the community. According to the statistics, WordPress has the largest market share with 52%, followed by Joomla with only 6%. The...
Read more
New versions released
Eniko Toth

New versions released

Eniko Toth
In the last 2 weeks, we released 2 new versions of BitNinja. Let’s take a look at the novelties:    BitNinja version 1.12.10: CaptchaChallenge pages now use 403 status code instead of 200. Good bots will notice it and leave it. This means, that the good bots will recognize our captcha pages, and won’t walk around them. Causing that our already low false-positive rate will be further reduced. WordPress wp-login filter threshold increased to 100 attempt. Our log analyser module (SenseLog) perceives a wordpress page update as a wp-login.php request, so we increa...
Read more
WordPress, Curse or Blessing?
Mariann Csorba

WordPress, Curse or Blessing?

Mariann Csorba
WordPress is the most commonly used blog engine, which is free to use and has an open source code. It is used mainly for the operation of websites, blogs and webshops. If your purpose is to have a great website in a blink of an eye, which you are able to develop later in parallel with the change of unique demands, you have found the best solution. Why is it a blessing? As it gets more and more successful, the number of developers and supporters grow proportionately. They constantly look for bugs, vulnerabilities while they report and fix them. It is easy-to-use, so laymen can al...
Read more

CryptoPHP – stop it with BitNinja

Boglarka Angalet
We have terrific news again: BitNinja is able to directly fight against CryptoPHP malware. But what is this backdoor? And what does it do with your servers? Find out from our blog. What is CryptoPHP? CryptoPHP is a backdoor used for spamming and illegal search engine optimization (blackhat SEO) actions. This script provides remote control to servers for hackers, who can control them through command-and-control (CnC) server communication, mail communication or manual control.   How it works After being installed, it provides access to the web server and hackers become a...
Read more