Network Solutions Sites Hacked Twice This Month

Web hosting company Network Solutions LLC has had a bad month for security this April 2010.

At the start of the month some of their customers who were running WordPress blogs started noticing that visitors to their sites were being redirected to a website that then infected their PCs with malware!

Sadly, the company tried to explain it as an issue with WordPress and try an deflect any questions away from their own security setup.

It later became apparent that Network Solutions LLC had a poor security configuration on one of their servers and that allowed people on the same box to read each others’ configuration files – YIKES!

…essentially that meant the person that did this, just setup an account with the company and was then able to “scan” other customers WordPress files and insert the code for the malware URL redirect.

(If you want some basic security advice for WordPress blogs then I have a section in my new Security Guide that walks through this important topic.)

The second security problem Network Solutions LLC have had this month is some customers having code added to their websites! Here is a quote from their support blog:

“We have received reports that Network Solutions customers are seeing malicious code added to their websites and we are really sorry for this experience. At this time since anything we say in public may help the perpetrators, we are unable to provide details. It may not be accurate to categorize this as a  single issue such as “file permissions”. Please know that we have all hands on deck fighting this new internet threat and investigating the cause.”

…well this clearly shows, in their rather cryptic language, that this is NOT another WordPress iframe injection issue.

So what is it?  …well the company are not saying at the moment.

When it comes to selecting a webhost for your hosting needs, i suggest you do some research in the search engines first to read any stories like this one.

Regards

Marc Liron – Microsoft MVP

David Lang on Cloud Security

An interview with David Lang, Dells program manager for federal security. David talks about Dells joining of the Cloud Security Alliance (CSA) at the end of last year and how he addresses questions around cloud security and what type of environments you find in federal space.

[youtube]http://www.youtube.com/watch?v=5hP48MIfrX0[/youtube]

Kind Regards

Marc Liron – Microsoft MVP

Adobe Reader October Security Update

Critical vulnerabilities have been identified in Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh.

These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. This update represents the second quarterly security update for Adobe Reader and Acrobat.

Adobe recommends users of Adobe Reader 9.1.3 and Acrobat 9.1.3 and earlier versions update to Adobe Reader 9.2 and Acrobat 9.2. Adobe recommends users of Acrobat 8.1.6 and earlier versions update to Acrobat 8.1.7, and users of Acrobat 7.1.3 and earlier versions update to Acrobat 7.1.4.

For Adobe Reader users who cannot update to Adobe Reader 9.2, Adobe has provided the Adobe Reader 8.1.7 and Adobe Reader 7.1.4 updates. Updates apply to all platforms: Windows, Macintosh and UNIX.

Affected software versions:

– Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX

– Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh

Solution:

– Adobe Reader

Adobe Reader users on Windows can find the appropriate update here:

http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

– Acrobat

Acrobat Standard and Pro users on Windows can find the appropriate update here:

http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

Acrobat Pro Extended users on Windows can find the appropriate update here:

http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows

Acrobat 3D users on Windows can find the appropriate update here:

http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows

Severity Rating:

Adobe categorizes this as a critical update.

NOTE:

There are reports that this issue is being exploited in the wild, via limited, targeted attacks.

This update resolves a memory corruption issue that could potentially lead to code execution.

This update resolves multiple heap overflow vulnerabilities that could potentially lead to code execution.

This update resolves an invalid array index issue that could potentially lead to code execution.

Regards

Marc Liron – Microsoft MVP