Profile

Cover photo
Denis Sinegubko
Works at Unmask Parasites
449 followers|62,783 views
AboutPostsPhotosVideos
People
Have him in circles
449 people
Basic Information
Gender
Male
Work
Occupation
security researcher
Employment
  • Unmask Parasites
    Founder, 2008 - present
  • Sucuri, Inc.
    security researcher, 2013 - present
Links

Stream

Denis Sinegubko

Shared publicly  - 
 
This is a prevalent site hack this summer
via +Sucuri Inc. 
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
 
At Google I/O earlier this week, +Ilya Grigorik and I talked about how to implement HTTPS on all your sites. We covered a ton of topics like why you need HTTPS, how to deploy it correctly that doesn't impact website performance (we talked about HSTS, session resumption, SPDY, and more), and how to make sure your secure sites get indexed correctly (lots of indexing signals!). Check it out:

Google I/O 2014 - HTTPS Everywhere

We referenced some docs and tools. Here they are to dig into:

https://istlsfastyet.com/ (The answer is a resounding "yes")
https://wiki.mozilla.org/Security/Server_Side_TLS
https://www.ssllabs.com/

and, of course, https://www.google.com/webmasters/tools/
2
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
"Canadian pharmacy" spam is nothing new. Google pharmacy is the new trend ;-)

via +Sucuri Inc. 
Do you run your website on WordPress? Have you checked the integrity of your core install lately for SPAM like "Google Pharmacy" stores or other fake stores?
4
1
Maxim Kalmykov's profile photoChristina S's profile photo
 
Oh that's precious LOL
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
Disqus + WordPress < 3.2 + PHP < 5.1.6 = dangerous mix.

Make sure to upgrade all three of them
 
Serious RCE Vulnerability Found in Disqus for WordPress - Time to update.. 
2
1
Shehrazad GUERBAOUI's profile photo
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
CloudProxy added support for SPDY protocol (developed by Google) so you can enable it for your site and make it even mover fast.

http://en.wikipedia.org/wiki/SPDY
Implementations of SPDY exist in Chromium, Mozilla Firefox, Opera, Amazon Silk, and Internet Explorer, and will be included in the upcoming Safari release accompanying Apple's OS X Yosemite.
1
Add a comment...
 
 
In this video tutorial I will describe how to add a new WordPress user account and remove the old one.

The article referencing this tutorial video discussing the "WordPress admin username" is located at http://hackrepair.com/wordpress-admin-username-oh-how-i-hate-thee

Enjoy!
1
Add a comment...
Have him in circles
449 people
 
A popular newsletter/email management WordPress plugin "MailPoet Newsletter" (1.7+ million downloads) has just released an update that patches a severe security hole

http://blog.sucuri.net/2014/07/remote-file-upload-vulnerability-on-mailpoet-wysija-newsletters.html

Update ASAP!
https://wordpress.org/plugins/wysija-newsletters/
1
Add a comment...
 
 
Got an app in addition to your website? Now you can get the relevant content from your app indexed and showing in smartphone and tablet search results. Here's how: 
http://googlewebmastercentral.blogspot.com/2014/06/android-app-indexing-is-now-open-for.html
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
:(
 
Internet firm Code Spaces goes out of business after DDoS extortion attack

http://www.welivesecurity.com/2014/06/21/internet-firm-ddos-extortion-attack/

Read my article on the +ESET We Live Security blog.
3
Add a comment...
 
 
"However, not everybody is upset with the change. JD Sherry, vice president of technology and solutions at security firm Trend Micro, said that even though the change caused some problems for Trend Micro users, he was glad Google made the leap.

"This approach is brilliant, and I think it's a wonderful step in the right direction with browser security," he said. It's "critical and important" that Google protect Chrome users against "Java-based attacks and third-party extension attacks," Sherry said."
Google's hard stance against Chrome extensions for Windows hosted outside the Chrome Web Store angers some businesses and their customers.
1
Add a comment...
 
 
My new blogpost with speculations about doorway schemes that redirect back to search results.

Dumping unneeded traffic or second level of search engine optimization and traffic re-targeting?
http://blog.unmaskparasites.com/2014/06/11/google-doorway-google-spam/
1
Add a comment...
 
 
Twitter client Tweetdeck has an XSS flaw. Here’s what you should do right now

http://grahamcluley.com/2014/06/tweetdeck-xss-flaw-heres-right-now/
1
Add a comment...