サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
2025年ランキング
blog.armorize.com
Posted by: Wayne Huang on 10.12.2011 / Categories: Drive-by download, Mass Injection, Web malware (Credit: Wayne Huang, Chris Hsiao, NightCola Lin) Starting Oct 9th, we've been tracing an mass injection attempt. Currently, there's been 180,000 affected pages, according to Google. The attack targets visitors of six particular languages--English, German, French, Italian, Polish, and Breton, seen fro
(credits: Wayne Huang, Chris Hsiao, NightCola Lin) ( To peer researchers: As we all know, researching security incidents take a lot of time and sacrifice; as if they know exactly how to make our lives harder, attackers often launch right before the weekend or a long vacation. In such an event, we often need to sacrifice our personal plans to be with our families, in order to research and publish t
Our HackAlert 24x7 Website malware monitoring platform today indicated that mysql.com has been hacked and is currently serving malware. The highlighted section of the above screenshot is the injected script. Below is a video showing how visitors are infected when navigating to the site: [Infection Chain] Step 1: http://www.mysql.com Causes the visiting browser to load the following: Step 2: http:/
Posted by: Chris on 7.25.2011 / Categories: Drive-by download, HackAlert, Mass Injection, osCommerce, Web malware (Credits: Wayne Huang, Chris Hsiao, NightCola Lin, Sun Huang, Crane Ku) (Initial post: July 24th) (Updated: July 30th with new infection number, source IP of attack, log entries, osCommerce vulnerabilities used, and more) (Updated: Aug 3rd with new video and new infection count: >6 mil
(Credits: Wayne Huang, Chris Hsiao, NightCola Lin) (Thanks to Christian Frichot and David Taylor for providing additional info) (Original post: June 15th) (Updated: Jun 28th) A quick summary: Lizamoon Sidename.js Type of attack Mass SQL Injection Mass Meshing Injection Victim criteria Victims have to be tricked into a) downloading a binary and b) executing the binary, in order to be infected. Vict
(Credits: Chris Hsiao, NightCola Lin, Wayne Huang) Armorize runs one of the world's largest cloud-based Web malware scanning service, OEM'd to large security and hosting companies. Recently, we've noticed increasing use of a variation of the drive-by download attack, coupled usually with 0-days. This is our technical report on the subject. We realize in recent years, "interesting" threat names hav
このページを最初にブックマークしてみませんか?
『Armorize Technologies Blog』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
