Layer 7 DDOS – Blocking HTTP Flood Attacks
Daniel Cid There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and…
Browsing Category
Website Malware Infections
865 posts
New iFrame Injections Leverage PNG Image Metadata
Peter Gramantik We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or…
Website Mesh Networks Distributing Malware
Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especialy when it comes to…
Recent OptimizePress Vulnerability Being Mass Infected
A few weeks ago we wrote about a file upload vulnerability in the OptmizePress theme. We were seeing a few sites being compromised by it,…
The Hidden Backdoors to the City of Cron
Fioravante Souza An attacker’s key to creating a profitable malware campaign is persistence. Malicious code that is easily detected and removed will not generate enough value for…
How We Decoded Some Nasty Multi-Level Encoded Malware
Ante Kresic From time to time, we come up with interesting bits of malware that are just calling us to decode and learn more about them. This…
Another Fake WordPress Plugin – And Yet Another SPAM Infection!
We clean hundreds and thousands of infected websites, a lot of the cleanups can be considered to be somewhat “routine”. If you follow our blog,…
Understanding Google’s Blacklist – Cleaning Your Hacked Website and Removing From Blacklist
Today we found an interesting case where Google was blacklisting a client’s site but not sharing the reason why. The fact they were sharing very…
Blackhat SEO and ASP Sites
It’s all too easy to scream and holler at PHP based websites and the various malware variants associate with the technology, but perhaps we’re a…
Joomla – Fancy SPAM Injections
Malware writers can be really ingenious when it comes to obfuscating their code. And let’s face it, in today’s anti-malware push, they have to; the…
Backdoor Evasion Using Encrypted Content
A few weeks ago on the Sucuri Research Labs we mentioned a new type of malware injection that does not use base64_decode, and instead conceals…