In the past year, we’ve noticed many changes in how toolkits and exploit kits are being used. For starters, the bad guys are spending more time securing their creations , as well as the servers where their malware will be installed. They do this to prevent leaks, as well as to make things harder for security researchers.Here are some […]
I have this beautiful website and now there’s all this garbled code across all of my PHP files. What’s it do, and how did it get there?This is a quick post to show you some encoded crud that can attack your site, and do some pretty bad stuff.Encoded Payload – Eval( base64_decode)Generally speaking, we see […]
We were recently alerted to the reports of an attack leveraging a vulnerability in TimThumb – a PHP script for cropping, zooming, and resizing Web images (.JPG,.PNG, .GIF) and used as an add-on script on WordPress. The said vulnerability enables cybercriminals to perform local file insertion. When successfully exploited, it inserts a PHP script, which […]
Latest Comments