We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of shells that have been significantly updated in an attempt to “improve” them. Depending on the scope of changes and feature…
This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites. In a tweet, Affable Kraut also reported another similar obfuscation technique using .ico files…
During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd file name choice for a Magento phishing page, but nevertheless it successfully loads a legitimate…
PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack tool used to simplify the process of sending predefined HTML emails to a list of…
Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than others. For instance, employees at telecom companies will often have some level of elevated access…
Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security flaws that bad actors regularly exploit to their advantage. Recently,…
Phishing kits are the back end components to a phishing attack and are often designed to make it easier to deploy a phishing page. These kits are typically bundled in compressed files, such as .zip archives, and contain the entire…
Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online payment that will ease their paycheck-to-paycheck existence. Or perhaps you’ve known an individual with such…