We just added two tools to generate OSSEC rules online.
OSSEC online tests
You May Also Like
PHP Script Nukes All Website Files
Ben Martin Most malware and spam that we come across has some sort of discernable purpose to it, usually something which benefits the attackers financially. This is…
Spotlight: Security for List25, a Popular Entertainment Website
Nikki Gerren For a website initially created to be just an experiment, it’s a pretty big deal to hit two major milestones, though it didn’t happen overnight.…
web.config Redirect Malware
Krasimir Konov We recently found this malware on a windows hosting server where the web.config file was modified with the following code. The code redirects multiple user…
Protecting Phishing Pages via .htaccess
Yuliyan Tsvetkov Phishers usually want to protect their pages from being detected by search engines and security companies. To achieve that, they add .htaccess files that deny…
Stored XSS in MyBB <= 1.8.20
Marc-Alexandre Montpas The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in…
Top 10 Sucuri Research Articles in 2019
Justin Channell As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides…
COVID-19 Chloroquine Pharmaspam
Luke Leal A recent SiteCheck scan of an organization’s website showed an interesting pharmacy spam injection targeting COVID-19-related pages of websites. The HTML that was flagged by…
How To Find & Remove Malware on Weebly Sites
Eli Trevino Weebly is an easy-to-use website builder that allows admins to quickly create and publish responsive blogs and sites. Website builder environments are usually considered to…
How Some OTP Systems Can Be Used to Prank Spam
I recently came across an interesting index.php file and its corresponding directory on a compromised website. I loaded it in a testing environment and immediately…
Analyzing a WooCommerce Credit Card Skimmer
Liam Smith The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different…