Cesar Anjos – WindowsTechs.com

Password Attacks 101

Posted on June 11, 2021 by Cesar Anjos

According to the 2020 Data Breaches report by Verizon, 25% of all breaches involved the use of stolen credentials. And for small businesses, that number hit 30%. Brute force attacks have a similar share, accounting for 18% of all breaches, and 34% of … Continue reading Password Attacks 101→

Server Side Data Exfiltration via Telegram API

Posted on March 18, 2021 by Cesar Anjos

One of the themes commonly highlighted on this blog includes the many creative methods and techniques attackers employ to steal data from compromised websites. Credit card skimmers, credential and password hijackers, SQL injections, and even malware o… Continue reading Server Side Data Exfiltration via Telegram API→

Why You Should Monitor Your Website

Posted on December 15, 2020 by Cesar Anjos

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics.
These techniques range from adding backdoors, stealing sens… Continue reading Why You Should Monitor Your Website→

Evasive Maneuvers in Data Stealing Gateways

Posted on November 17, 2020 by Cesar Anjos

We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads.
During a recent investigation, we came across this example of a PHP script that attackers use for … Continue reading Evasive Maneuvers in Data Stealing Gateways→

Password Attacks 101

Posted on January 31, 2020 by Cesar Anjos

One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks around passwords.
Let’s take a look at three kinds of passwo… Continue reading Password Attacks 101→

Down the Malware Rabbit Hole: Part II

Posted on November 18, 2019 by Cesar Anjos

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep.
Today, we’ll reveal how attackers achieve this level of encoding and investigate one of the many po… Continue reading Down the Malware Rabbit Hole: Part II→

Down the Malware Rabbit Hole – Part 1

Posted on October 3, 2019 by Cesar Anjos

It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code?
In our first post in this series, we’ll describe how ba… Continue reading Down the Malware Rabbit Hole – Part 1→

Lightbox Adware – From Innocent Scripts to Malicious Redirects

Posted on June 17, 2019 by Cesar Anjos

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily.
What if other scripts start behaving the same?
What if they start to use your website to s… Continue reading Lightbox Adware – From Innocent Scripts to Malicious Redirects→

Cronjob Backdoors

Posted on May 3, 2019 by Cesar Anjos

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors.
A good example of this is the shell_exec function which allows plain shell com… Continue reading Cronjob Backdoors→

Using Innocent Roles to Hide Admin Users

Posted on December 4, 2018 by Cesar Anjos

All across the internet, we find guides and tutorials on how to keep your WordPress site secure. Most of them approach the concept of user roles, but not many actually approach the capabilities of those roles.
The way the capabilities are handled on W… Continue reading Using Innocent Roles to Hide Admin Users→