WordPress 3.2 and PHP support – Security effect
WordPress 3.2 is going to be released very soon and one of the biggest changes is that they will drop support for PHP4 and all versions of PHP5 below 5.2.4. WordPress.org has provided some informative...
PHP-CGI Vulnerability Exploited in the Wild
When the PHP-CGI vulnerability was disclosed, we knew it would be just a matter of days before it started to be exploited in the wild. Well, it didn’t take long. Since the weekend, we started to see...
Sucuri is Hiring: Senior PHP Developer
It’s that time again. We’re actively looking for a Senior PHP Developer to join the family. If you are passionate about web-based malware, and you want to help build awesomeness, we want to hear from...
Secure Website Development – Importance of Developing Securely
We clean hundreds of sites every day and often their problems are associated with the same issues: outdated and sometimes unnecessary software, weak passwords and so on. But sometimes the issue is not...
Sucuri – Decoding Obfuscated PHP
We are happy to release a new tool for you Do It Yourself (DIY) types. Every now and then you might come across a variety of obfuscated injections in your PHP files and might find yourself wondering,...
Another Fake WordPress Plugin – And Yet Another SPAM Infection!
We clean hundreds and thousands of infected websites, and a lot of the cleanups can be considered to be somewhat “routine”. If you follow our blog, you often hear us say we’ve seen “this” numerous times,...
New iFrame Injections Leverage PNG Image Metadata
We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or it’s new. We’ll just say it’s new. We’re all familiar with the...
PHP Callback Functions: Another Way to Hide Backdoors
We often find new techniques employed by malware authors. Some are very interesting, others are pretty funny, and then there are those that really stump us in their creativity and effectiveness. This...
ASP Backdoors? Sure! It’s not just about PHP
I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need to correct that perception. While they do make...
Website Malware: Mobile Redirect to BaDoink Porn App Evolving
Recently, we wrote about a malware redirect causing compromised sites to redirect their visitors to pornographic content (specifically, the BaDoink app). You can read more about what we found by going...
Wigo Means Bingo for Blackseo Agent
This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst',$_SERVER['REQUEST_URI'])) {...