Malware Infection – Blocked by Day Limit
Estevao Avillez This week while working on a compromised site, I found an interesting variation of the Blackhole injection. We work with many sites injected with Blackhole,…
Month: June 2013
9 posts
Google Transparency Report – Malware Distribution
Daniel Cid Google just released their Malware Distribution Transparency Report, sharing the amount of sites compromised or distributing malware detected by their systems (Safe Browsing program). Google’s…
WordPress 3.5.2 Security and Maintenance Release
Dre Armeda The WordPress team just pushed out a new version of WordPress (3.5.2) that has some security bugs fixed. Straight from their release post, these are…
New Apache Module Injection
For the last few months we have been talking about the Darkleech Apache Module injection that is being used to insert malicious iframes into every…
Brazilian Protests Leading to Mass Defacements
Lately, Brazil is going through a series of political protests against the current administration and the large amount of over expenses related to the 2014…
Plesk Vulnerability – In the Wild for Months Before Disclosure
A few days ago we published a post about the Plesk 0-day vulnerability that we started to see being probed in the wild. It uses…
Apache PHP Injection to JavaScript Files
We have been talking about Apache server-side injections for a while. Ranging from malicious modules, like Darkleech, to modified Apache binaries. From an attacker perspective,…
vBulletin Conditional Malware – myFTP.biz Malicious iFrames
Fioravante Souza We have to be honest here, there’s no fun in cleaning up infected .htaccess files. It’s boring, but it happens a lot! But it’s not…
Plesk 0-day Remote Vulnerability in the Wild
Just last week another 0-day vulnerability on Plesk was released. It affects Plesk 9.2, 9.3 and 9.5.4 versions. If you have not yet, we recommend…