Malware Infection – Blocked by Day Limit
Estevao Avillez This week while working on a compromised site, I found an interesting variation of the Blackhole injection. We work with many sites injected with Blackhole,…
Browsing Category
Website Malware Infections
864 posts
Google Transparency Report – Malware Distribution
Daniel Cid Google just released their Malware Distribution Transparency Report, sharing the amount of sites compromised or distributing malware detected by their systems (Safe Browsing program). Google’s…
New Apache Module Injection
For the last few months we have been talking about the Darkleech Apache Module injection that is being used to insert malicious iframes into every…
Apache PHP Injection to JavaScript Files
We have been talking about Apache server-side injections for a while. Ranging from malicious modules, like Darkleech, to modified Apache binaries. From an attacker perspective,…
vBulletin Conditional Malware – myFTP.biz Malicious iFrames
Fioravante Souza We have to be honest here, there’s no fun in cleaning up infected .htaccess files. It’s boring, but it happens a lot! But it’s not…
Plesk 0-day Remote Vulnerability in the Wild
Just last week another 0-day vulnerability on Plesk was released. It affects Plesk 9.2, 9.3 and 9.5.4 versions. If you have not yet, we recommend…
From a Site Compromise to Full Root Access – Local Root Exploits – Part II
When an attacker manages to compromise and get access to a website, they won’t likely stop there, they will aim to gain full root (admin)…
From a Site Compromise to Full Root Access – Symlinks to Root – Part I
When an attacker manages to compromise and get access to a website, they won’t likely stop there, they will aim to gain full root (admin)…
Globo.com redirecting users to Spam ads
David Dede Globo.com, one of the largest Brazilian web portals (ranked #107 on Alexa and #6 for Brazilian traffic) appears to be compromised and all visits to…
Auto Generated IFrames To Blackhole Exploit Kit – Following the Cookie Trail
We often talk about websites being compromised and injected with malware that redirect users to exploit kits. We unfortunately don’t give you a complete picture…
W3 Total Cache and WP Super Cache Vulnerability Being Targeted in the Wild
Tony Perez As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we…