Website Security News
A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most popular PHP web shells, like WSO or b374k. After all, if these popular (and readily…
Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. \ During a recent investigation, we came across an obfuscated pop-up…
Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security…
An alarm or monitoring system is a great tool that can be used to improve the security of a home or website, but what if an attacker can easily disable…
Read More about WordPress Malware Disables Security Plugins to Avoid Detection
Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular…
Read More about Using assert() to Execute Malware in PHP 7 Environments
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain cdn-filestore[dot]com. My colleague Luke Leal…
Read More about CDN-Filestore Credit Card Stealer for Magento
This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This is useful when you don’t want certain traffic from being…
Read More about Web Crawler & User Agent Blocking Techniques
“Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto to evade detection from malware scanners. The hexadecimal/decimal obfuscation is…
Read More about Smoker Backdoor: Evasion Techniques in Webshell Backdoors
While string concatenation has many valuable applications in development — such as making code more efficient or functions more effective — it is also a popular way for attackers to…
Read More about String Concatenation: Obfuscation Techniques
When possible, an attacker will want to avoid using specific functions in their PHP code that they know are more likely to be flagged by a scanner. Some examples of…
In the past, I have explained how small one line PHP backdoors use obfuscation and strings of code in HTTP requests to pass attacker’s commands to backdoors. Today, I’ll highlight…
