Below is a post from Information Services, warning about website hacking incidents that have happened recently within the University.
If you are responsible for a website, or even just web pages, but particularily if you use a self run blog/wiki/WCMS, then it is a good idea to follow the advice given below and periodically Google for your site/pages and include common spam type words, eg Viagra. For example to check homepages for that string, in the Google search box type “site:homepages.inf.ed.ac.uk viagra“. Unfortunately we do seem to have one example of a user run blog, which has been spammed, and this will be rectified shortly. Other hits seem to be genuine research type activity.
Original post from IS…
Dear colleagues, There have been several incidents of insidious hacking of non-centrally supported university websites in the last few months. Affected sites selectively redirect users referred by a Google search, to dubious commercial sites, such as online pharmacies. To see the effect of this, put 'paypal site:ed.ac.uk' into google.com and look at the search results mentioning Viagra. If you come across an affected site, please notify me, and the site owner as soon as possible. These hacks take advantage of known security vulnerabilities in obsolete versions of web content management systems and other web tools. They insert malicious code which affects how the site appears to Google's robots, and can redirect users coming from Google searches, but make no visible changes to the site viewed at its normal URL. To avoid your website being affected, ensure any web software you are running is kept up-to-date with the latest security patches and upgrades. Site owners should use google to check their own sites specifically using the google search engine and then should address any hacking incidents immediately, by following the 5 steps in the instructions at http://stevepenny.com/googleviagraspamhack.html.