• Subscribe to the low volume list for updates.

Archives of Security News

Backdoor Corporate Networks with Metasploit

HD Moore announced a new post exploitation tool offering Meterpreter sessions over HTTPS (HTTP) that will traverse the corporate proxy. Variations on this have been available previously but have been for a number of reasons been not so stable. The purpose of this post is to raise awareness. Many IT folks are comfortable with a […]
Read More

Malware in WordPress Themes

Found an interesting article over at OttoPress with some in depth analysis of malware discovered in a theme on a less than reputable WordPress theme site. Seems there are some dodgey sites out there that have infected themes, both free ones and ripped off professional themes. Beware and check the reputation of your themes. It […]
Read More

Google Dorking WordPress

WordPress is very popular and easy to install. This very accessibility makes it a juicy target for those wanting to collect compromised hosting accounts for serving malicious content, spamming, phishing sites, proxies and web shells. How prevalent is poor WordPress Security? Our Web Tech Report showed that application updates to WordPress are reasonable. Lets try […]
Read More

PandaLabs 2010 Annual Report

It appears 2010 has been a cracking year for malware developers. Customised malware is a significant threat to any environment, given the fact that controls that can effectively protect against these attacks are limited and difficult to implement. Anti-virus certainly does not provide much protection against a trojan that has been customised to attack a […]
Read More
  • 1
  • 2