We leverage OSSEC extensively to help monitor and protect our servers. If you are not familiar with OSSEC, it is an open source Host-Based Intrusion Detection…
Over the past few months, our security operations group have identified and mitigated an increasing number of DDoS attacks tied to extortion attempts from different…
We frequently clean blacklisted websites and submit reconsideration requests to have them de-listed. We have encountered many kinds of blacklist warnings including search engines, anti-virus programs,…
Do you remember SweetCAPTCHA, which tried to monetize its WordPress plugin by injecting unwanted ads into web pages? Today we’ve found another CAPTCHA plugin with a…
Recently I analyzed a porn doorway script and found an interesting way to obfuscate an IP address there. $adr1 = “………………………………………………………………………………………………………………………………………………………..”; $adr2 = “………………………………………………………………………………………………………………………………………………………………………………………………………………..”; $adr3…
Once active during the past summer, the g00[.]co script injections come with a new wave of infections this November. The most common variation is <script…
Early this morning we got complaints from our clients mentioning that Norton was flagging Helpscout, a Help Desk System. Some of the pages were triggering…