Collaborate Disseminate
We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads.
During a recent investigation, we came across this example of a PHP script that attackers use for … Continue reading Evasive Maneuvers in Data Stealing Gateways
During malware analysis, we regularly find variations of this injected script on various compromised websites: .
The variable “_0x446d” assigns hex encoded strings in different positions in the array. If we get the ASCII representation of the variable… Continue reading Legacy Mauthtoken Malware Continues to Redirect Mobile Users
For every gleaming new IoT device that hits the market, a hacker somewhere is figuring out how to compromise it. Today, even routine activities can land you in the sights of a bad actor.
Imagine what a bad day could look like in these days of ubiquito… Continue reading 5 Places Where You’d Never Expect to Get Hacked
A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most popular PHP web shells, like WSO or b374k.
After all, if these popular (and readi… Continue reading P.A.S. Fork v. 1.0 — A Web Shell Revival
October is National Cyber Security Awareness Month, and we’re back with analyst Antony Garand to take a deeper look into cross site scripting (XSS) attacks and WordPress plugin vulnerabilities. Plus, host Justin Channell will catch you up on the lates… Continue reading Sucuri Sit-Down Episode 4: XSS & WP Plugin Vulnerabilities with Antony Garand
The responsibility of ensuring that a website is protected falls on the website owner, but the security expectation may fall on the web service provider too.
As a professional, you are the trusted party and first point of contact.
Much of what your cl… Continue reading Opening the Conversation about Website Security
Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides immediate results, without the nee… Continue reading SiteCheck Malware Report: September Summary
PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack tool used to simplify the process of sending predefined HTML emails to a list of email addresses.
The too… Continue reading GFX Xsender Hack Tool: A Spam Mailer
Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want.
During a recent investigation, we came across an obfuscated pop-up script leveraging baidu[.]com search results to redi… Continue reading Malicious Pop-up Redirects Baidu Traffic
Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than others.
For instance, employees at telecom companies will often have some level of elevated access … Continue reading Phishing Page Targets AT&T’s Employee Multi-Factor Authentication