amuck-landowner

Fiberhub Website has been infected....

Nyr

Active Member
How THE FUCK they can still be infected after 10 full days.


I was going to contact them for a quote and just got redirected to the malware. Obviously don't want the service any longer.


This is ridiculous.
 

HalfEatenPie

The Irrational One
Retired Staff
How THE FUCK they can still be infected after 10 full days.


I was going to contact them for a quote and just got redirected to the malware. Obviously don't want the service any longer.


This is ridiculous.

I think they just clear the malware, but they don't actually patch the hole. (That's what he said?)
 

DomainBop

Dormant VPSB Pathogen
How THE FUCK they can still be infected after 10 full days.


I was going to contact them for a quote and just got redirected to the malware. Obviously don't want the service any longer.


This is ridiculous.

Probably because the infection wasn't in a plugin.  WordPress 4.4.1 had an open redirection attack vulnerability that was just patched yesterday with the release of v4.4.2 (that's the 2nd major security release issued by WP in the past 3 weeks).

Wordpress Vulnerability :-


What it is about?


WordPress versions 4.4.1 and earlier are affected by two security issues: a possible SSRF for certain local URIs and an open redirection attack.
 

Nyr

Active Member
Probably because the infection wasn't in a plugin.  WordPress 4.4.1 had an open redirection attack vulnerability that was just patched yesterday with the release of v4.4.2 (that's the 2nd major security release issued by WP in the past 3 weeks).

Benefit of the doubt then I guess, in case those were two separate infections.
 

HalfEatenPie

The Irrational One
Retired Staff
I mean....  Two days ago or so I got this email:

National Cyber Awareness System:



WordPress Releases Security Update


02/02/2016 04:46 PM EST

 


Original release date: February 02, 2016

WordPress 4.4.1 and prior versions contain two security vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to obtain sensitive information.


Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade toWordPress 4.4.2.




https://www.us-cert.gov/ncas/current-activity/2016/02/02/WordPress-Releases-Security-Update

So.... 
 

HalfEatenPie

The Irrational One
Retired Staff
Repeat after me, WORPRESS NEVER GETS EXPLOITED.  It's the plugins ;)


Everything gets exploited.  More marketshare, higher value target, that simple.

Shush.


I stand corrected lel.
 
Last edited by a moderator:

HN-Matt

New Member
Verified Provider
Wordpress is cancer.


Just like cancer, it's easy to obtain and easy to spread.


Here's what Wordpress did over the years:


- Lots of crappy coders with its laughable coding practices and low entry barrier to actually extend the code. This has trashed the reputation of PHP coders in general.
- Internet being full of spam content websites. The golden SEO children have generated automated plagiarized and scrambled content that have no value.
- Trashed website building market. New age web designers are just people who do a wordpress install and buy a template and plugins and call it a website.
- Lots of Layer-7 DDoS attacks due to that stupid blog ping page.
- Lots of rooted servers that are used to attack or spam or phish.
 


It's written with nothing other than a simple blog in mind and they kept putting everything on top of that core without actually improving any quality. This made Wordpress being evolved for the end user/client, not for the actual techy people.


Wordpress is cancer.

Gonna necro this for cancer research.

My thinking on the 'golden SEO children' phenomena: what if their zany autoplagiarism shtick is an absurdist parody / satire of certain cancerous economic behaviour that is infinitely contemptible? (i.e. thereby providing endless material for its own ridicule prior to the point of its own unforeseen autorelinquishment). At the same time the gesture might function as a serendipitous inway for cancer research, suggesting deeper structural causes.
 
Top
amuck-landowner