Showing 8 results for: March 2014 ×Application Security ×

[Honeypot Alert] JCE Joomla Extension Attacks

Our web honeypots picked up some increased exploit attempts for an old Joomla Content Editor (JCE) Extension vulnerability. Although this vulnerability is a few years old, botnet owners are heavily scanning for sites that are vulnerable and attempting to exploit...

ColdFusion Admin Compromise Analysis (CVE-2010-2861)

In a previous blog post, I provided "Method of Entry" analysis for a ColdFusion compromise baed on sanitized data from a SpiderLabs IR/Forensics team investigation which resulted in the attacker's installing a malicious IIS module that captured customer credit card...

WordPress XML-RPC PingBack Vulnerability Analysis

There were news stories this week outlining how attackers are abusing the XML-PRC "pingback" feature of WordPress blog sites to launch DDoS attacks on other sites. This blog post will provide some analysis on this attack and additional information for...

Touchlogging Part 3 - Final Thoughts

This is the third and final part on the subject of Touchlogging. I do recommend reading part one and part two before reading this final part. The previous parts described the technical details of the touchlogging attacks. In this part,...

Touchlogging Part 2 - Android

This is part two in my Touchlogging series, you can find part one here. In part one, I wrote a little bit about the background and how to intercept touch events on jailbroken iOS. This part will focus on Android....

Touchlogging Part 1 - iOS

Although there have been numerous articles posted, I thought I would write about my recent presentation at the RSA Conference on the subject of touchlogging. Since many people have asked, I got the term touchlogging from this paper. I do...