Sucuri Labs
336 posts
SiteCheck Remote Website Scanner — Mid-Year 2024 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote website scanners may not…
Bogus URL Shorteners Go Mobile-Only in AdSense Fraud Campaign
Since September 2022, our team has been tracking a bogus URL shortener redirect campaign that started with just a single domain: ois[.]is. By the beginning…
SiteCheck Remote Website Scanner — Mid-Year 2023 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide…
Massive Google Colaboratory Abuse: Gambling and Subscription Scam
This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible…
Backdoor Targets FreePBX Asterisk Management Portal
Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1
If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a…
Trojan Spyware and BEC Attacks
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that…
SQL Triggers in Website Backdoors
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within hacked databases. These queries…
Whitespace Steganography Conceals Web Shell in PHP Malware
Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files. At first glance, these injections didn’t…
Phishing & Malspam with Leaf PHPMailer
It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click…