Phishing & Malspam with Leaf PHPMailer
Luke Leal It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click…
Browsing Category
Security Education
678 posts
Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin
Rodrigo Escobar In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of…
Real-Time Phishing Kit Targets Brazilian Central Bank
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page…
Evaluating Cookies to Hide Backdoors
Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often…
The Dangers of Using Abandoned Plugins & Themes
Krasimir Konov It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website…
Obfuscation Techniques in MARIJUANA Shell “Bypass”
Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This…
Evasive Maneuvers in Data Stealing Gateways
Cesar Anjos We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware…
ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis
We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of shells that have been significantly…
Legacy Mauthtoken Malware Continues to Redirect Mobile Users
During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different…
CSS-JS Steganography in Fake Flash Player Update Malware
Denis Sinegubko This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce…
Bridging the Gap Between Application and Network Security with CleanBrowsing
Tony Perez & Daniel Cid When we started Sucuri we set out to make enterprise security accessible, affordable, and effective for every day webmasters. It was at a time when…