Spotting Malicious Injections in Otherwise Benign Code
Denis Sinegubko Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every…
Month: October 2014
18 posts
Security Advisory – Medium Severity – WP eCommerce WordPress Plugin
Mickael Nadeau If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall…
Drupal Warns – Every Drupal 7 Website Compromised Unless Patched
Daniel Cid The Drupal team released an update to a critical SQL Injection vulnerability a few weeks ago and urged all their users to update or patch…
Threat Introduced via Browser Extensions
We love investigating unusual hacks. There are so many ways to compromise a website, but often it’s the same thing. When we see malicious code…
ASP Backdoors? Sure! It’s not just about PHP
Peter Gramantik I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need…
Google Blacklists Bit.ly
If you ever shortened a URL using bit.ly or if you use it anywhere, be aware that Google recently blacklisted all bit.ly pages through its…
Popular Brazilian Site “Porta dos Fundos” Hacked
A very well known Brazilian comedy site, “Porta dos Fundos,” was recently hacked and is pushing malware (drive-by-download) via a malicious Flash executable, as you…
Manipulating WordPress Plugin Functions to Inject Malware
Keir Desailly Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t…
The Details Behind the Akeeba Backup Vulnerability
Marc-Alexandre Montpas It’s been a month since our disclosure of a low-severity vulnerability affecting Akeeba Backup version 3.11.4, which allowed an attacker to list and download backups…
Malvertising Payload Targets Home Routers
Fioravante Souza A few weeks ago we wrote about compromised websites being used to attack your web routers at home by changing DNS settings. In that scenario…
Chinese Doorway Spam – P2
We are seeing an increasing number of hacked sited with Chinese doorways promoting various fake merchandises (from Louis Vuitton handbags to NFL jerseys and Canada…