UCEPROTECT Scam: When RBLs Go Bad
Marc Kranat What is a Realtime Blackhole List (RBL)? A Realtime Blackhole List (RBL) contains lists of email servers, domain names, and IP addresses that are associated…
Browsing Category
Security Education
681 posts
Optimizing Performance and Behavior with WordPress and the Sucuri WAF
Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and…
Whitespace Steganography Conceals Web Shell in PHP Malware
Denis Sinegubko Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files. At first glance, these injections didn’t…
Phishing & Malspam with Leaf PHPMailer
Luke Leal It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click…
Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin
Rodrigo Escobar In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of…
Real-Time Phishing Kit Targets Brazilian Central Bank
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page…
Evaluating Cookies to Hide Backdoors
Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often…
The Dangers of Using Abandoned Plugins & Themes
Krasimir Konov It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website…
Obfuscation Techniques in MARIJUANA Shell “Bypass”
Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This…
Evasive Maneuvers in Data Stealing Gateways
Cesar Anjos We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware…
ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis
We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of shells that have been significantly…