Hacked or Not
Cleaning the web - one step at a time

By reducing the time websites stay hacked, we decrease the value to the criminal hacker and we fundamentally change the economics of hacking.

Freephone:     0800 756 6482
International: +44 1524 63492
Lancaster UK: (01524) 63492
Need your site cleaning now ?

Introduction to the Hacked Or Not Blog

Hello and welcome to what we expect to be a regularly updated blog featuring updates on all our ongoing activities within the HackedOrNot project. All constructive criticism whole heartedly received and appreciated!

Where to start is the tricky bit as so much is ready to be rolled out so lets start at the beginning of the year and catch up.

On the 5th January the team were working hard on the development of "Hacked or Not" which is a new project that scans the web for hacked / compromised / hijacked websites and follows all suspicious or SPAM links which frequently lead to other hacked sites. The scanner robot records all contaminated websites, with the intention that at some point down the line we will then alert the website owner/host of the infection.

Continue Reading An Introduction to the Hacked Or Not Blog

Joomla 2.5 End Of Life

The end of 2014 was also the end of Joomla 2.5, all site admins are advised to update to the latest version of the Joomla 3 branch.

Check that all your extensions are up-to-date and your template is 3 compatible, take a backup and then go through the in-built updater component.

Continue Reading About Joomla 2.5 End Of Life

Security Exploit Patched on vBulletin – PHP Object Injection

The vBulletin team just issued a warning, and released patches for a security exploit that affected all versions of vBulletin including 3.5, 3.6, 3.7, 3.8, 4.X, 5.X. They recommend that anyone using vBulletin apply these patches as soon as possible. Here is part of their announcement:

A security issue has been found that affects all versions of vBulletin including 3.x, 4.x and 5.x. We have released security patches to account for this vulnerability. This includes patches for vBulletin 3.8.7, vBulletin 4.2.2 and all versions of vBulletin 5 (including Cloud accounts). The patch is also applied to vBulletin 5.1.0 RC1. It is imperative that you apply these patches as soon as possible.

Continue Reading

PHP bug allowing site hijacking still menaces Internet 22 months on

A vulnerability that allows attackers to take control of websites running older versions of the PHP scripting language continues to threaten the Internet almost two years after security researchers first warned that attackers could use it to remotely execute malicious code on vulnerable servers.

As Ars reported 22 months ago, the code-execution exploits worked against PHP sites only when they ran in common gateway interface mode, a condition that applied by default to those running the Apache Web server. According to a blog post published Tuesday, CVE-2012-1823, as the vulnerability is formally indexed, remains under attack today by automated scripts that scour the Internet in search of sites that are susceptible to the attack. The sighting of in-the-wild exploits even after the availability of security patches underscores the reluctance of many sites to upgrade.

Continue Reading