
SANS ISC: Diaries by Keyword - Internet Security | DShield Diaries by Keyword


Date | Author | Title

PHP TROJAN

2010-05-23 | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.

PHP

2019-07-18 | Xavier Mertens | Malicious PHP Script Back on Stage?
2019-04-04 | Xavier Mertens | New Waves of Scans Detected by an Old Rule
2018-11-16 | Xavier Mertens | Basic Obfuscation With Permissive Languages
2018-07-11 | Remco Verhoef | Well, Hello Again Peppa!
2018-07-02 | Guy Bruneau | Hello Peppa! - PHP Scans
2018-06-13 | Xavier Mertens | A Bunch of Compromized Wordpress Sites
2018-05-06 | Guy Bruneau | Scans Attempting to use PowerShell to Download PHP Script
2017-09-14 | Xavier Mertens | Another webshell, another backdoor!
2017-08-07 | Xavier Mertens | Increase of phpMyAdmin scans
2017-02-28 | Xavier Mertens | Analysis of a Simple PHP Backdoor
2016-12-26 | Russ McRee | Critical security update: PHPMailer 5.2.20 (CVE-2016-10045)
2016-07-13 | Xavier Mertens | Drupal: Patch released today to fix a highly critical RCE in contributed modules
2015-07-12 | Guy Bruneau | PHP 5.x Security Updates
2014-09-19 | Guy Bruneau | PHP Fixes Several Bugs in Version 5.4 and 5.5
2014-08-22 | Richard Porter | PHP 5.4.32 Released http://www.php.net/ChangeLog-5.php#5.4.32
2014-08-22 | Richard Porter | PHP 5.5.16 is available http://www.php.net/ChangeLog-5.php#5.5.16
2014-08-16 | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-04-04 | Stephen Hall | PHP 5.4.27 released
2014-03-27 | Alex Stanford | Mass XSSodus in PHP
2013-10-25 | Johannes Ullrich | PHP.net compromise aftermath: Why Code Signing Beats Hashes
2013-10-24 | Johannes Ullrich | False Positive: php.net Malware Alert
2013-09-19 | Bojan Zdrnja | Arrays in requests, PHP and DedeCMS
2013-08-11 | Bojan Zdrnja | XATattacks (attacks on xat.com)
2013-08-04 | Johannes Ullrich | BBCode tag "[php]" used to inject php code
2013-06-07 | Daniel Wesemann | PHP patches - see http://www.php.net/ChangeLog-5.php - fixes CVE2013-2110
2013-02-22 | Chris Mohan | PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2013-01-17 | Russ McRee | PHP 5.4.11 and PHP 5.3.21 released
2012-09-19 | Russ McRee | Script kiddie scavenging with Shellbot.S
2012-06-14 | Johannes Ullrich | PHP 5.4.4 and 5.3.14 released with fixes for DES crypt issue and phar heap overflow
2012-05-08 | Kevin Liston | PHP 5.4.3 and PHP 5.3.13 Released
2012-04-05 | Johannes Ullrich | Evil hides everywhere: Web Application Exploits in Headers
2012-03-07 | Johannes Ullrich | What happened to RFI attacks?
2012-02-07 | Johannes Ullrich | Secure E-Mail Access
2012-02-03 | Guy Bruneau | PHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1
2012-02-03 | Johannes Ullrich | Critical PHP bug patched
2012-01-16 | Kevin Shortt | php 5.3.9 released -Jan-10-2011
2012-01-12 | Rob VandenBrink | PHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-08-22 | Jim Clausing | DO NOT upgrade to PHP 5.3.7, significant bug in crypt() function, see http://www.php.net/
2011-08-18 | Rob VandenBrink | PHP 5.37 release. Some security updates, plus lots of bug fixes ==> http://www.php.net/archive/2011.php#id2011-08-18-1
2010-08-31 | Bojan Zdrnja | Interesting PHP injection
2010-08-10 | Daniel Wesemann | SSH - new brute force tool?
2010-07-04 | Manuel Humberto Santander Pelaez | Interesting analysis of the PHP SplObjectStorage Vulnerability
2010-06-14 | Manuel Humberto Santander Pelaez | Another way to get protection for application-level attacks
2010-05-23 | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-02-27 | Guy Bruneau | PHP 5.2.13 Security Update
2010-01-29 | Johannes Ullrich | Analyzing isc.sans.org weblogs, part 2, RFI attacks
2009-12-28 | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-11-20 | Mark Hofman | PHP 5.3.1 is released. With many of the websites on the net relying on PHP and the number of attacks we see, consider upgrading. This release has over 100 bug fixes, some of which are security related.
2009-08-01 | Deborah Hale | Website Warnings
2009-06-26 | Mark Hofman | PHPMYADMIN scans
2009-06-24 | Kyle Haugsness | Exploit tools are publicly available for phpMyAdmin
2009-06-21 | Scott Fendley | phpMyAdmin Scans
2009-04-07 | Johannes Ullrich | Common Apache Misconception
2009-02-03 | Swa Frantzen | On the importance of patching fast
2008-12-10 | Stephen Hall | PHP Group has released PHP version 5.2.8
2008-09-09 | Swa Frantzen | wordpress upgrade
2008-08-19 | Johannes Ullrich | A morning stroll through my web logs
2008-05-05 | John Bambenek | PHP 5.2.6 out w/ security updates
2006-12-24 | Swa Frantzen | phpBB 2.0.22 - upgrade time
2006-11-29 | Toby Kohlenberg | New Vulnerability Announcement and patches from Apple
2006-09-13 | Swa Frantzen | PHP - shared hosters, take note.

TROJAN

2019-09-19 | Xavier Mertens | Agent Tesla Trojan Abusing Corporate Email Accounts
2019-07-18 | Xavier Mertens | Malicious PHP Script Back on Stage?
2019-06-25 | Brad Duncan | Rig Exploit Kit sends Pitou.B Trojan
2018-11-15 | Brad Duncan | Emotet infection with IcedID banking Trojan
2018-10-10 | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability
2018-09-13 | Xavier Mertens | Malware Delivered Through MHT Files
2017-08-15 | Brad Duncan | Malspam pushing Trickbot banking Trojan
2013-12-07 | Guy Bruneau | Suspected Active Rovnix Botnet Controller
2013-10-26 | Guy Bruneau | Active Perl/Shellbot Trojan
2013-10-25 | Rob VandenBrink | Kaspersky flags TCPIP.SYS as Malware
2013-05-04 | Kevin Shortt | The Zero-Day Pendulum Swings
2012-07-05 | Adrien de Beaupre | New OS X trojan backdoor MaControl variant reported
2012-04-14 | Rick Wanner | Flashback Trojan Removal Tool Released
2011-08-05 | donald smith | New Mac Trojan: BASH/QHost.WB
2011-05-21 | Daniel Wesemann | Weekend reading
2010-12-31 | Bojan Zdrnja | Android malware enters 2011
2010-08-22 | Rick Wanner | Failure of controls...Spanair crash caused by a Trojan
2010-07-03 | Deborah Hale | Delivery Status Failure Notice That Packed A Wallop
2010-06-13 | Rick Wanner | UnRealCD compromised by Trojan
2010-05-23 | Manuel Humberto Santander Pelaez | e-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-03-17 | Deborah Hale | Trojan outbreak on a College Campus
2009-11-03 | Bojan Zdrnja | Opachki, from (and to) Russia with love
2009-10-05 | Adrien de Beaupre | Cyber Security Awareness Month - Day 5 port 31337
2009-07-01 | Bojan Zdrnja | Mobile phone trojans
2009-03-16 | Johannes Ullrich | new rogue-DHCP server malware
2009-02-06 | Adrien de Beaupre | Fake stimulus payments
2009-01-24 | Pedro Bueno | Identifying and Removing the iWork09 Trojan
2009-01-07 | Bojan Zdrnja | An Israeli patriot program or a trojan
2008-11-16 | Maarten Van Horenbeeck | Detection of Trojan control channels
2008-09-16 | donald smith | Don't open that invoice.zip file its not from UPS
2008-06-25 | Deborah Hale | Report of Coreflood.dr Infection