We just added two tools to generate OSSEC rules online.
OSSEC online tests
You May Also Like
Fake Google Analytics tracking code leading to Adware
John Castro Our Incident Response process makes sure we remove all malicious files and other small pieces of code inserted in good files that could be used…
Magento Multiversion (1.x/2.x) Backdoor
Luke Leal The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to use it for the foreseeable…
WooCommerce Credit Card Skimmers Concealed In Fake Images
Matt Morrow Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in…
P.A.S. Fork v. 1.0 — A Web Shell Revival
A PHP web shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the…
Magento Supply Chain Attack Targets Extension Developer FishPig
Ben Martin Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a…
Backdoor Obfuscation: tempnam & URL Encoding
In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious code. During a recent investigation,…
Malicious Injection Redirects Traffic via Parked Domain
Puja Srivastava During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The…
2021 Threat Report Webinar
Rianna MacLeod The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze…
The Importance of Website & Server Logs
Krasimir Konov Have you ever looked at your server or website logs and realized that they make absolutely no sense to you? Or thought that logs just…
Skimmers and Phishing
Denis Sinegubko Recently, we shared a post about a network of domains used in a JavaScript credit card stealing malware campaign. These domains are all hosted on…