Clik here to view.
A Primer for Secure Coding in PHP and MySQL
PHP is an incredibly popular language for creating dynamic web applications — websites such as Facebook are built on it. This can be attributed to many reasons; it is easy to learn, easy to install and...
View ArticleClik here to view.
Webroot’s Threat Blog Most Popular Posts for 2012
By Dancho Danchev It’s that time of the year! The moment when we look back, and reflect on Webroot’s Threat Blog most popular content for 2012. Which are this year’s most popular posts? What...
View ArticleClik here to view.
How fraudulent blackhat SEO monetizers apply Quality Assurance (QA) to their...
By Dancho Danchev How are cybercriminals most commonly abusing legitimate Web traffic? On the majority of occasions, some will either directly embed malicious iFrames on as many legitimate Web sites as...
View ArticleClik here to view.
Malicious multi-hop iframe campaign affects thousands of Web sites, leads to...
Ever since we exposed and profiled the evasive, multi-hop, mass iframe campaign that affected thousands of Web sites in November, we continued to monitor it, believing that the cybercriminal(s) behind...
View ArticleCybercrime Trends 2013 – Year in Review
It’s that time of the year! The moment when we reflect back on the cybercrime tactics, techniques and procedures (TTPs) that shaped 2013, in order to constructively speculate on what’s to come for 2014...
View ArticleClik here to view.
DIY Python-based mass insecure WordPress scanning/exploting tool with...
Throughout 2013, we not only witnessed the re-emergence of proven mass, efficiency-oriented Web site hacking/exploitation tactics, such as, the reliance on Google Dorks scanning, good old fashioned...
View ArticleClik here to view.
Fully automated, API-supporting service, undermines Facebook and Google’s...
Operating in a world dominated by millions of malware-infected hosts acting as proxies for the facilitation of fraudulent and malicious activity, the Web’s most popular properties are constantly...
View ArticleMalicious campaign relies on rogue WordPress sites, leads to client-side...
In a cybercrime ecosystem populated by commercially available WordPress brute-forcing and mass vulnerable WordPress installation scanning tools, cybercriminals continue actively capitalizing on the...
View ArticleClik here to view.
Commercially available database of 52M+ ccTLD zone transfer domains spotted...
For years, cybercriminals have been building ‘hit lists’of potential targets through automated and efficiency-oriented reconnaissance TTPs (tactics, techniques and procedures). The aim is to...
View ArticleClik here to view.
Managed DDoS WordPress-targeting, XML-RPC API abusing service, spotted in the...
With WordPress continuing to lead the CMS market segment, with the biggest proportion of market share, cybercriminals are actively capitalizing on the monocultural insecurities posed by this trend, in...
View Article
