Simple $_COOKIE backdoor (variation)
Fernando Barbosa There are many ways to develop a backdoor and virtually all of them share a similar goal – not to be discovered. To achieve that,…
Browsing Category
Website Security
1031 posts
New Non-HTTPS Websites Blacklisted for Phishy Password Practices
Cesar Anjos We submit hundreds of blacklist review requests every day after cleaning our clients’ websites. Google’s Deceptive Content warning applies when Google detects dangerous code that…
Tricky malvertising injections
Abdelli Nassereddine When a website is compromised, one of the most interesting and challenging tasks we perform is identifying all malware to prevent attackers from regaining access…
Client-Side or Server-Side Script?
Denis Sinegubko We’ve already described several times how credit card stealing malware hides a data collecting script behind an image URL. When people see URLs that end…
Ask Sucuri: What is the Principle of Least Privilege?
Gerson Ruiz If you own a website and collaborate with others, the principle of least privilege should never be questioned. It is a computer science principle which…
Titles, Imprints and Marks Left by Attackers
Jose Martinez Some attackers seem to like signing their scripts. This fact is especially true for defacements and backdoors, where attackers show their pride stating that they…
WebSockets, Viagra and Fake CloudFlare CDN
Recently we’ve seen some WordPress websites displaying unwanted banners at the bottom of the page which appear 15 seconds after browsing the website. Those banners…
Testing the Impacts of Website Caching Tools
Northon Torga Try to remember what you ate for lunch yesterday. It took you about 3-5 seconds, right? Ok. Now recall that memory once more. Took you…
doc.google.com.TROJAN
During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they…
Set your Cookie, Execute a Command
Yuliyan Tsvetkov Backdoors evolve. They tend to get more complex, harder to understand and harder to decode, but this is not always the case. Most of the…
One, two, three… CC stolen!
Attackers work hard to make their code very well hidden from the victim and antivirus products, however they might leave some fingerprints (usually not on…