December 20, 2018

LCG Kit Document Builder Now Using Microsoft Word Macros to Install Malware Payloads

2 min read - A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.

Advanced Threats November 18, 2016

Ninety-Five Percent of Webshell Attacks Written in PHP

2 min read - Webshells are dangerous in the hands of APT groups. According to IBM Managed Security Services (MSS), 95 percent of webshell attacks are written in PHP.

Software Vulnerabilities July 14, 2016

Command Injection: A Deadly Needle in the Haystack

2 min read - Command injection attacks may not get a lot of hype, but they can be seriously damaging to an enterprise that isn't careful about its security.

Advanced Threats July 8, 2016

The Webshell Game Continues

5 min read - IBM X-Force researchers have noted a dramatic increase in the use of malicious webshell attacks throughout the first half of 2016.

Threat Intelligence April 14, 2016

Got WordPress? PHP C99 Webshell Attacks Increasing

5 min read - IBM MSS X-Force researchers found that C99 webshell attacks are increasing, particularly against content management systems such as WordPress.

Threat Research March 3, 2014

The State of Return Oriented Programming in Contemporary Exploits

6 min read - Return Oriented Programming (ROP) is the general case of a technique often used when exploiting security vulnerabilities caused by memory corruption issues. ROP has become a more frequently used technique in the exploitation of memory corruption vulnerabilities.

Advanced Threats May 2, 2013

Multistage Exploit Kits Boost Effective Malware Delivery

6 min read - Like ICBM missiles, multistage exploit kits first launch a nonthreatening stage and then use the second stage to inflict damage without raising suspicion.