For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites.…
I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need…
We have been talking about Apache server-side injections for a while. Ranging from malicious modules, like Darkleech, to modified Apache binaries. From an attacker perspective,…
Came across another server compromise this week. Client was complaining that the following kept being injected into their JavaScript files: document.write("<style.vb4brk { position:absolute; left:-1655px; top:-1476px} </style> <div…
Security Archive: Remembering security incidents to make sure we don’t commit the same mistakes over and over again. Want to read more stories like this…
The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…