
Just a sample of the Echomail archive


 Message 2055 
 August Abolins to Nick Andre 
 LCBO breech 
 16 Jan 23 14:57:00 
 
MSGID: 2:221/1.58@fidonet 047fe4de
REPLY: 1:229/426 251975F0
PID: OpenXP/5.0.51 (Win32)
CHRS: ASCII 1
TZUTC: -0500
Hello Nick!

 NA> I have a customer with a Wordpress site that had similar problems. Oh
 NA> what a freaking nightmare that was... in the end I had to completely
 NA> disable all plugins and widgets until the culprit was found.

My approach with WP is to turn off outside access first. Just  
park a landing page with an "offline/maintenance" comment or  
something.

Then, it is pretty straightforward to walk through the  
directory tree to look for rogue .php files.

Although php injections are common, they can't avoid several  
things from being spotted.


 NA> Not saying the LCBO site was built on it but I find as time goes on,
 NA> websites tend to be designed around a framework of some kind rather than
 NA> HTML from scratch...  and very little attention is given to security of
 NA> that framework.

I had one particular site that was purely HTML, but it *still*  
had rogue  and php content inserted and that  
actually was triggered and active.  The hosting service said  
that it can still happen over shared domain space; when one  
client is infected the hack can traverse to other domains on  
the same server.  It hasn't happened a 2nd time since I brought  
it to their attention.

lcbo.com doesn't bear the code markings of a WP site. But I  
notice that places like Indigo and CanadianTire have  
surrendered to Shopify; that probably fits into the kind of  
framework you're talking about.  Hack one Shopify site, hack  
them all.
--
  ../|ug

--- OpenXP 5.0.51
 * Origin: A turtle that surfs the dark web. [o] A TORtoise (2:221/1.58)
PATH: 221/1 320/219 229/426
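
The directory walk described in the message above, as an added example that is not part of the original post. The checks (PHP files inside upload-style directories, PHP tags inside static files such as HTML, `eval` wrapped around a decoder) and every name and sample file in it are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumed heuristics for this example; the message above names none.
UPLOAD_DIRS = {"uploads", "cache", "tmp"}  # directories that should hold no PHP
PHP_EXT = {".php", ".phtml", ".php5"}
STATIC_EXT = {".html", ".htm", ".js", ".css", ".txt"}
PHP_TAG = re.compile(rb"<\?php|<\?=", re.I)
OBFUSCATED = re.compile(rb"eval\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I)

def scan_tree(root):
    """Return sorted (relative_path, reason) findings for files under root."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        rel = path.relative_to(root)
        try:
            data = path.read_bytes()
        except OSError:
            findings.append((rel.as_posix(), "unreadable"))
            continue
        suffix = path.suffix.lower()
        if suffix in PHP_EXT and UPLOAD_DIRS & set(rel.parts[:-1]):
            findings.append((rel.as_posix(), "php-in-upload-dir"))
        if suffix in STATIC_EXT and PHP_TAG.search(data):
            findings.append((rel.as_posix(), "php-tag-in-static-file"))
        if OBFUSCATED.search(data):
            findings.append((rel.as_posix(), "obfuscated-eval"))
    return sorted(findings)

def build_sample_site(root):
    """Write a small constructed site tree (sample data for the demo)."""
    samples = {
        "index.html": b"<html><body>Hello</body></html>",
        "about.html": b"<html><?php include 'x.php'; ?></html>",
        "wp-content/uploads/2023/01/img.php": b"<?php echo 1; ?>",
        "wp-content/plugins/ok/ok.php": b"<?php function ok() { return 1; }",
        "wp-includes/load.php": b"<?php eval(base64_decode('ZWNobyAxOw==')); ?>",
    }
    for rel, body in samples.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as site:
        build_sample_site(site)
        print(*scan_tree(site), sep="\n")
```

A finding is a lead to review by hand, not a verdict; comparing the tree against a clean copy of the same WordPress and plugin versions narrows the list further.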



(c) 1994,  bbs@darkrealms.ca