Profile

Cover photo
Denis Sinegubko
Works at Unmask Parasites
501 followers|90,337 views
AboutPostsPhotosVideos
People
Have him in circles
501 people
George Capdefier's profile photo
Sergej Schaporew's profile photo
David Dede's profile photo
Petr Deruga's profile photo
Татьяна Наумова's profile photo
Art Preneur's profile photo
yogendra pawar's profile photo
Андрей Степаков's profile photo
Jose manuel Adarbe Sanchez's profile photo
Basic Information
Gender
Male
Work
Occupation
security researcher
Employment
  • Unmask Parasites
    Founder, 2008 - present
  • Sucuri, Inc.
    security researcher, 2013 - present
Links

Stream

Denis Sinegubko

Shared publicly  - 
 
 
We welcome great Senior PHP Developers / Ops. Full time, remote position. Join us today! http://hubs.ly/H0143KT0
Website Protection, Malware Removal, and Blacklist Prevention
View original post
2
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
 
We're looking for a great Event Marketing Coordinator.
If you have experience in event marketing, marketing automation and CRM (preferably Hubspot) and you think you own some excellent communication skills, apply today and let's talk! http://hubs.ly/H013CFM0
View original post
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
My latest post  on the +Sucuri Inc. blog
 
This attack created from 1,000 to 40,000 spammy doorway pages on the compromised sites: Wigo Means Bingo for Blackseo Agent http://hubs.ly/H014Qfk0 
This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst',$_SERVER['REQUEST_URI'])) { error_reporting(0); include ('license.txt'); exit(); } The code is very simple. It checks if a page URL has “-dbst” appended to the URL and executes code from an included file. AtRead More
View original post
2
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
 
Last week the WordPress team released a patch that fixed 6 security vulnerabilities. Of the six, you’ll find one that we identified a few months back: Persistent XSS Vulnerability in WordPress Explained http://hubs.ly/H013zpQ0
Security Risk: Dangerous Exploitation level: Easy DREAD Score: 6/10 Vulnerability: Persistent XSS Patched Version:  4.2.4 Last week the WordPress team released a patch that fixed 6 security vulnerabilities. Of the six, you’ll find one  that we identified a few months back. Vulnerability Disclosure Timeline: May 6th, 2015 – Initial report to WordPress security team MayRead More
View original post
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
 
#NoHacked is back with more specific and advanced information.
We noticed a 180% increase in the number of sites getting hacked this past year. In these next few weeks, we'll help you learn to protect your content on the web through:
• hacking insights on our blog every Monday
• actionable tips on our social channels every Wednesday
• a security-themed Hangout on Air: https://goo.gl/U8htqZ

Check out our 1st #NoHacked blog post on password security, software security and helpful tools → http://goo.gl/979BBB
5 comments on original post
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
Despite of the name and claims on their sites, some online services have a shady reputation.

https://blog.sucuri.net/2015/07/webutation-distributing-malware-through-safety-badge.html
If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirects hidden within the badge’s code. We were analyzing a website that was compromised and redirecting visitors to bogus apps on the Apple App Store and the Google PlayRead More
1
Add a comment...
Have him in circles
501 people
George Capdefier's profile photo
Sergej Schaporew's profile photo
David Dede's profile photo
Petr Deruga's profile photo
Татьяна Наумова's profile photo
Art Preneur's profile photo
yogendra pawar's profile photo
Андрей Степаков's profile photo
Jose manuel Adarbe Sanchez's profile photo

Denis Sinegubko

Shared publicly  - 
 
 
When did you last check your .htaccess file? Do it today! http://hubs.ly/H013P0R0
Recent conditional malware redirect affects popular CMS applications like WordPress, Joomla, Drupal, vBulletin and others running on the Apache web server.
View original post
2
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
 
Cleaning a hacked site can be difficult without the proper tools. Here are some tools that can help.

These scanners can help you identify security issues on your site:
• Aw Snap: http://aw-snap.info/file-viewer
• Virus Total: https://www.virustotal.com/
• Sucuri Site Scanner: https://sitecheck.sucuri.net
• Wepawet: https://wepawet.iseclab.org

These tools can help you decode hard to read PHP files:
• DDecode: http://ddecode.com
• UnPHP: http://www.unphp.net

Other helpful resources from Stop Badware:
https://www.stopbadware.org/hacked-sites-resources

#NoHacked
9 comments on original post
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
Good explanation about why disallowing /wp-admin in robots.txt may be not a good idea
 
With all the back & forth on robots.txt, I ran across +Joost de Valk's post from earlier this year about his robots.txt file. It's pretty empty, read his post to find out why. Good stuff! 

https://yoast.com/wordpress-robots-txt-example/
3 comments on original post
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
My new post on the +Sucuri Inc. blog:

In June we reported that SweetCaptcha injected third-party ad code to their scripts which lead to malvertising problems on the sites that used this CAPTCHA service. After that incident, the SweetCaptcha WordPress plugin had been removed from the official plugin repository.

To our surprise, we noticed SweetCaptcha in the WordPress repository on July 22 2015. To even greater surprise, the plugin page URL was "https: // wordpress .org/plugins/ jumpple /.

You can find the rest of this almost detective story here: https://blog.sucuri.net/2015/07/sweetcaptcha-returns-hijacking-another-plugin.html
Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to their scripts which lead to malvertising problems on the sites that used this CAPTCHA service. After that incident, the SweetCaptcha WordPress plugin had been removed from the official plugin repository.Read More
1
Add a comment...

Denis Sinegubko

Shared publicly  - 
 
WordPress update time.

4.2.3 - is a critical security release
WordPress 4.2.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.2.2 and earlier are affec...
2
2
Misha M.-Kupriyanov's profile photoArt Zemon's profile photo
Add a comment...