HackDig : Dig high-quality web security articles for hacker

“Fancybox for WordPress Has Expired” Infection

Today I began to notice quite a massive and very unusual attack that leverages vulnerabilities in older versions of the FancyBox for WordPress plugin. As you might know, versions 3.0.2 and older of this plugin allowed anyone to craft special POST requests to /wp-admin/admin-post.php or /wp-admin/admin-ajax.php and change values of specific plugin options in
Publish At:2015-04-02 02:20 | Read:2839 | Comments:0 | Tags:General Short Attack Reviews Website exploits April1 Fancybo

Darkleech Update – November 2014

Just wanted to document some latest changes in Darkleech behavior that may help you detect it. I’d like to thank internet security enthusiasts who share their findings with me. Without you, I could have easily missed these new (?) details. Quick recap Darkleech is a root level server infection that installs malicious Apache modules. The modules inject
Publish At:2014-11-27 18:15 | Read:3133 | Comments:0 | Tags:Short Attack Reviews Website exploits Apache Darkleech Emula

Most Contradictive Doorway Generator

Check this thread on WordPress.org forum. The topic starter found a suspicious PHP file and asked what it was doing. The code analysis shows that it’s some sort of a spammy doorway. But it’s a very strange doorway and the way that it works doesn’t make sense to me. First of all, this script has a random text and code generator. The output
Publish At:2014-09-13 04:40 | Read:2730 | Comments:0 | Tags:Short Attack Reviews doorway htaccess redirect

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud