Insecure hosting puts websites at risk of hacks and defacements - Here example!

See: http://toolbar.netcraft.com/site_report?url=http://gigaservicemedia.com
Home padlock icon
gigawebprovider.com
Alerts (2)
Insecure login (2)
Password will be transmited in clear to http://login.gigawebprovider.com/login/
Password will be transmited in clear to http://webmail.gigawebprovider.com/rclogin.php
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted

50% insecure IDs tracking detected.

Insecure jQuery: Detected libraries:
jquery - 1.10.2 : (active1) -http://gigawebprovider.com/js/jquery.min.js?v=1401717492
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Undefined functions: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fgigawebprovider.com

Then this happened: http://killmalware.com/gigaservicemedia.com/# :o Hacked using Google Font API test with Intent Analyser!

pol

Mass defacements are often a matter of “trial and error” by defacers to be succesful
working automated tools against vulnerable sites gathered via so-called “dorks”.

Read about the backgrounds this fine article from David Jakoby on Kaspersky Lab ZAO:

https://securelist.com/analysis/publications/36356/mass-defacements-the-tools-and-tricks/

From the article we can learn the best way to protect ourselves against such attacks
is found in upgrading, updating and patching and properly configuring servers,
CMS etc. Do not start placing the cart before the horse and look for the wrong solutions.

polonus

Another one, this time it was hostgator abuse for a suspended webpage there: http://killmalware.com/alawael-it.com/#
See: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Falawael-it.com%2F
Insecurity: -http://alawael-it.com
Detected libraries:
jquery - 1.9.1 : http://code.jquery.com/jquery-1.9.1.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
jquery - 1.11.2 : http://code.jquery.com/jquery-1.11.2.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
jquery - 1.11.1 : http://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
3 vulnerable libraries detected

Consider this CloudFlare link: http://toolbar.netcraft.com/site_report?url=https://browser-update.org

pol