PHP TROJAN |
| 2010-05-23 | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer. |
PHP |
| 2024-12-17/a> | Guy Bruneau | Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary] |
| 2024-11-06/a> | Jesse La Grew | [Guest Diary] Insights from August Web Traffic Surge |
| 2024-03-29/a> | Xavier Mertens | Quick Forensics Analysis of Apache logs |
| 2023-09-23/a> | Guy Bruneau | Scanning for Laravel - a PHP Framework for Web Artisants |
| 2022-09-07/a> | Johannes Ullrich | PHP Deserialization Exploit attempt |
| 2022-02-02/a> | Johannes Ullrich | Finding elFinder: Who is looking for your files? |
| 2021-11-30/a> | Johannes Ullrich | Hunting for PHPUnit Installed via Composer |
| 2020-06-05/a> | Remco Verhoef | Not so FastCGI! |
| 2019-07-18/a> | Xavier Mertens | Malicious PHP Script Back on Stage? |
| 2019-04-04/a> | Xavier Mertens | New Waves of Scans Detected by an Old Rule |
| 2018-11-16/a> | Xavier Mertens | Basic Obfuscation With Permissive Languages |
| 2018-07-11/a> | Remco Verhoef | Well, Hello Again Peppa! |
| 2018-07-02/a> | Guy Bruneau | Hello Peppa! - PHP Scans |
| 2018-06-13/a> | Xavier Mertens | A Bunch of Compromized Wordpress Sites |
| 2018-05-06/a> | Guy Bruneau | Scans Attempting to use PowerShell to Download PHP Script |
| 2017-09-14/a> | Xavier Mertens | Another webshell, another backdoor! |
| 2017-08-07/a> | Xavier Mertens | Increase of phpMyAdmin scans |
| 2017-02-28/a> | Xavier Mertens | Analysis of a Simple PHP Backdoor |
| 2016-12-26/a> | Russ McRee | Critical security update: PHPMailer 5.2.20 (CVE-2016-10045) |
| 2016-07-13/a> | Xavier Mertens | Drupal: Patch released today to fix a highly critical RCE in contributed modules |
| 2015-07-12/a> | Guy Bruneau | PHP 5.x Security Updates |
| 2014-09-19/a> | Guy Bruneau | PHP Fixes Several Bugs in Version 5.4 and 5.5 |
| 2014-08-22/a> | Richard Porter | PHP 5.4.32 Released http://www.php.net/ChangeLog-5.php#5.4.32 |
| 2014-08-22/a> | Richard Porter | PHP 5.5.16 is available http://www.php.net/ChangeLog-5.php#5.5.16 |
| 2014-08-16/a> | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
| 2014-04-04/a> | Stephen Hall | PHP 5.4.27 released |
| 2014-03-27/a> | Alex Stanford | Mass XSSodus in PHP |
| 2013-10-25/a> | Johannes Ullrich | PHP.net compromise aftermath: Why Code Signing Beats Hashes |
| 2013-10-24/a> | Johannes Ullrich | False Positive: php.net Malware Alert |
| 2013-09-19/a> | Bojan Zdrnja | Arrays in requests, PHP and DedeCMS |
| 2013-08-11/a> | Bojan Zdrnja | XATattacks (attacks on xat.com) |
| 2013-08-04/a> | Johannes Ullrich | BBCode tag "[php]" used to inject php code |
| 2013-06-07/a> | Daniel Wesemann | PHP patches - see http://www.php.net/ChangeLog-5.php - fixes CVE2013-2110 |
| 2013-02-22/a> | Chris Mohan | PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php |
| 2013-01-17/a> | Russ McRee | PHP 5.4.11 and PHP 5.3.21 released |
| 2012-09-19/a> | Russ McRee | Script kiddie scavenging with Shellbot.S |
| 2012-06-14/a> | Johannes Ullrich | PHP 5.4.4 and 5.3.14 released with fixes for DES crypt issue and phar heap overflow |
| 2012-05-08/a> | Kevin Liston | PHP 5.4.3 and PHP 5.3.13 Released |
| 2012-04-05/a> | Johannes Ullrich | Evil hides everywhere: Web Application Exploits in Headers |
| 2012-03-07/a> | Johannes Ullrich | What happened to RFI attacks? |
| 2012-02-07/a> | Johannes Ullrich | Secure E-Mail Access |
| 2012-02-03/a> | Guy Bruneau | PHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1 |
| 2012-02-03/a> | Johannes Ullrich | Critical PHP bug patched |
| 2012-01-16/a> | Kevin Shortt | php 5.3.9 released -Jan-10-2011 |
| 2012-01-12/a> | Rob VandenBrink | PHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header) |
| 2011-08-22/a> | Jim Clausing | DO NOT upgrade to PHP 5.3.7, significant bug in crypt() function, see http://www.php.net/ |
| 2011-08-18/a> | Rob VandenBrink | PHP 5.37 release. Some security updates, plus lots of bug fixes ==> http://www.php.net/archive/2011.php#id2011-08-18-1 |
| 2010-08-31/a> | Bojan Zdrnja | Interesting PHP injection |
| 2010-08-10/a> | Daniel Wesemann | SSH - new brute force tool? |
| 2010-07-04/a> | Manuel Humberto Santander Pelaez | Interesting analysis of the PHP SplObjectStorage Vulnerability |
| 2010-06-14/a> | Manuel Humberto Santander Pelaez | Another way to get protection for application-level attacks |
| 2010-05-23/a> | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer. |
| 2010-02-27/a> | Guy Bruneau | PHP 5.2.13 Security Update |
| 2010-01-29/a> | Johannes Ullrich | Analyzing isc.sans.org weblogs, part 2, RFI attacks |
| 2009-12-28/a> | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-11-20/a> | Mark Hofman | PHP 5.3.1 is released. With many of the websites on the net relying on PHP and the number of attacks we see, consider upgrading. This release has over 100 bug fixes, some of which are security related. |
| 2009-08-01/a> | Deborah Hale | Website Warnings |
| 2009-06-26/a> | Mark Hofman | PHPMYADMIN scans |
| 2009-06-24/a> | Kyle Haugsness | Exploit tools are publicly available for phpMyAdmin |
| 2009-06-21/a> | Scott Fendley | phpMyAdmin Scans |
| 2009-04-07/a> | Johannes Ullrich | Common Apache Misconception |
| 2009-02-03/a> | Swa Frantzen | On the importance of patching fast |
| 2008-12-10/a> | Stephen Hall | PHP Group has released PHP version 5.2.8 |
| 2008-09-09/a> | Swa Frantzen | wordpress upgrade |
| 2008-08-19/a> | Johannes Ullrich | A morning stroll through my web logs |
| 2008-05-05/a> | John Bambenek | PHP 5.2.6 out w/ security updates |
| 2006-12-24/a> | Swa Frantzen | phpBB 2.0.22 - upgrade time |
| 2006-11-29/a> | Toby Kohlenberg | New Vulnerability Announcement and patches from Apple |
| 2006-09-13/a> | Swa Frantzen | PHP - shared hosters, take note. |
TROJAN |
| 2023-06-24/a> | Guy Bruneau | Email Spam with Attachment Modiloader |
| 2022-11-05/a> | Guy Bruneau | Windows Malware with VHD Extension |
| 2022-10-15/a> | Guy Bruneau | Malware - Covid Vaccination Supplier Declaration |
| 2021-07-24/a> | Xavier Mertens | Agent.Tesla Dropped via a .daa Image and Talking to Telegram |
| 2021-01-04/a> | Jan Kopriva | From a small BAT file to Mass Logger infostealer |
| 2020-11-19/a> | Xavier Mertens | PowerShell Dropper Delivering Formbook |
| 2020-09-04/a> | Jan Kopriva | A blast from the past - XXEncoded VB6.0 Trojan |
| 2020-08-14/a> | Jan Kopriva | Definition of 'overkill' - using 130 MB executable to hide 24 kB malware |
| 2020-07-11/a> | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
| 2020-03-11/a> | Xavier Mertens | Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account |
| 2019-09-19/a> | Xavier Mertens | Agent Tesla Trojan Abusing Corporate Email Accounts |
| 2019-07-18/a> | Xavier Mertens | Malicious PHP Script Back on Stage? |
| 2019-06-25/a> | Brad Duncan | Rig Exploit Kit sends Pitou.B Trojan |
| 2018-11-15/a> | Brad Duncan | Emotet infection with IcedID banking Trojan |
| 2018-10-10/a> | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability |
| 2018-09-13/a> | Xavier Mertens | Malware Delivered Through MHT Files |
| 2017-08-15/a> | Brad Duncan | Malspam pushing Trickbot banking Trojan |
| 2013-12-07/a> | Guy Bruneau | Suspected Active Rovnix Botnet Controller |
| 2013-10-26/a> | Guy Bruneau | Active Perl/Shellbot Trojan |
| 2013-10-25/a> | Rob VandenBrink | Kaspersky flags TCPIP.SYS as Malware |
| 2013-05-04/a> | Kevin Shortt | The Zero-Day Pendulum Swings |
| 2012-07-05/a> | Adrien de Beaupre | New OS X trojan backdoor MaControl variant reported |
| 2012-04-14/a> | Rick Wanner | Flashback Trojan Removal Tool Released |
| 2011-08-05/a> | donald smith | New Mac Trojan: BASH/QHost.WB |
| 2011-05-21/a> | Daniel Wesemann | Weekend reading |
| 2010-12-31/a> | Bojan Zdrnja | Android malware enters 2011 |
| 2010-08-22/a> | Rick Wanner | Failure of controls...Spanair crash caused by a Trojan |
| 2010-07-03/a> | Deborah Hale | Delivery Status Failure Notice That Packed A Wallop |
| 2010-06-13/a> | Rick Wanner | UnRealCD compromised by Trojan |
| 2010-05-23/a> | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer. |
| 2010-03-17/a> | Deborah Hale | Trojan outbreak on a College Campus |
| 2009-11-03/a> | Bojan Zdrnja | Opachki, from (and to) Russia with love |
| 2009-10-05/a> | Adrien de Beaupre | Cyber Security Awareness Month - Day 5 port 31337 |
| 2009-07-01/a> | Bojan Zdrnja | Mobile phone trojans |
| 2009-03-16/a> | Johannes Ullrich | new rogue-DHCP server malware |
| 2009-02-06/a> | Adrien de Beaupre | Fake stimulus payments |
| 2009-01-24/a> | Pedro Bueno | Identifying and Removing the iWork09 Trojan |
| 2009-01-07/a> | Bojan Zdrnja | An Israeli patriot program or a trojan |
| 2008-11-16/a> | Maarten Van Horenbeeck | Detection of Trojan control channels |
| 2008-09-16/a> | donald smith | Don't open that invoice.zip file its not from UPS |
| 2008-06-25/a> | Deborah Hale | Report of Coreflood.dr Infection |
