Website Antivirus - CWIS product line

Website Antivirus - CWIS product line Cobweb Security is a young and dynamic company founded by cyber security experts specializing in website and web server security. Our core business is monitoring, detection and cleaning infected Websites. Our extended experience in web security prompt us to develop a more advanced tool, which provides solutions for: scanning, detection of malware, viruses and code vulnerabilities. Our CWIS Anti-Virus with all its’ capabilities allows for ease of use with...


Hackers produced the “biggest YouTube hack in the history”

Hackers produced the “biggest YouTube hack in the history” The group of hackers called OurMine has hacked thousands of YouTube accounts, including profiles of famous bloggers. The group of hackers called OurMine has hacked thousands of YouTube accounts, including profiles of famous bloggers. Malefactors added the name of their group into video titles and left a message in the description saying that they “are just testing your security” and that it is the “biggest YouTube hack in the...


Still using the SHA-1 function? Security experts recommend you don’t

Still using the SHA-1 function? Security experts recommend you don’t In late February 2017 Google experts along with the Dutch Centrum Wiskunde & Informatica (the center of math and informatics) proved that SHA-1 is vulnerable to collision attacks. In other words, hackers, using SHA-1 hash collision can create a fake file with the same SHA-1 hash as the original file. But that should not come as a surprise. Experts have been talking about the vulnerability of the SHA-1 for more than ten...


The Number of Hacked Websites Increased by 32% According to Google’s Webmaster Central Blog

The Number of Hacked Websites Increased by 32% According to Google’s Webmaster Central Blog According to Google report https://webmasters.googleblog.com/2017/03/nohacked-year-in-review.html?m=1 On the State of Website Security in 2016, there was a significant increase in the amount of compromised websites. However regrettable, the Internet did not become a safer place in the past year, compared to 2015. In 2016 the amount of hacked websites increased by 32% . “We don’t expect this trend...


Security breach in a WordPress Plugin «Wordfence Security» (Part II)

Security breach in a WordPress Plugin «Wordfence Security» (Part II) On the basis of the simulated situation we discussed in our previous article, one of our clients found himself in a similar problem. A couple of days ago our client, when attempting to upload a file, received the following error message:   The editing template files and plugin files on the server were also disabled. Checking which plugins are already installed, we’ve noticed that a “Wordfence Security” plugin was...


Security Breach in a WordPress Plugin «Wordfence Security» (Part I)

Security Breach in a WordPress Plugin «Wordfence Security» A short side note: This article was made after we shared the breach with the developers of the plugin and received a response from him (the quoted response is in part II of the article). The article details a simulated hacker attack situation, based on the exploitation of a newly found vulnerability in a popular plugin for WordPress - «Wordfence Security» Website Configuration As an example we’ll take a website built on CMS...


A Dangerous Local Vulnerability is Found in Systemd 228

A Dangerous Local Vulnerability is Found in Systemd 228 A dangerous local vulnerability is found in systemd 228 that allows a non-privileged attacker run a code as superuser. As stated by security researcher Sebastian Krahmer, the problem previously found in systemd can be exploited not only for Linux distribution kit maintenance rejection, but for full access to the system. The vulnerability occurs when systemd timers are runned initiating touch_file() function that creates files in directories...


Malefactors Use KillDisk for Attacks on Linux Systems

Malefactors Use KillDisk for Attacks on Linux Systems New opportunities of KillDisk allow to control malware through the C&C server and use the application as a crypto ransomware ESET researchers have discovered a new variant of KillDisk malware designed for attacks on the  Linux systems. KillDisk is a destructive malware that became known due to an attack against the Ukrainian power grid in December 2015. The malware was also used during the attacks against the financial sector of Ukraine...