Cesar Anjos, Author at Security Boulevard
Password Attacks 101

Password Attacks 101

According to the 2020 Data Breaches report by Verizon, 25% of all breaches involved the use of stolen credentials. And for small businesses, that number hit 30%. Brute force attacks have a similar share, accounting for 18% of all breaches, and 34% of those for small businesses. Why are password ... Read More

Server Side Data Exfiltration via Telegram API

One of the themes commonly highlighted on this blog includes the many creative methods and techniques attackers employ to steal data from compromised websites. Credit card skimmers, credential and password hijackers, SQL injections, and even malware on the server level can be used for data exfiltration. What’s more, attackers may ... Read More
Why You Should Monitor Your Website

Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques range from adding backdoors, stealing sensitive data, redirecting the site to other third-party resources, or even injecting specially crafted links ... Read More

Evasive Maneuvers in Data Stealing Gateways

We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads. During a recent investigation, we came across this example of a PHP script that attackers use for many different purposes. What makes the sample ... Read More
Analyzing & Decrypting L4NC34’s Simple Ransomware

Analyzing & Decrypting L4NC34’s Simple Ransomware

We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the affected website is the webmaster’s only source of income or a business relies entirely on it’s website and online presence ... Read More
Password Attacks 101

Password Attacks 101

One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks around passwords. Let’s take a look at three kinds of password attacks. Brute Force Attacks Brute forcing in its essence ... Read More
Down the Malware Rabbit Hole: Part II

Down the Malware Rabbit Hole: Part II

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep. Today, we’ll reveal how attackers achieve this level of encoding and investigate one of the many possible tools they can ... Read More

Down the Malware Rabbit Hole – Part 1

It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In our first post in this series, we’ll describe how bad actors hide their malicious code and the steps taken to ... Read More
Lightbox Adware – From Innocent Scripts to Malicious Redirects

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if other scripts start behaving the same? What if they start to use your website to spread ransomware? Visitors Redirected to ... Read More
Cronjob Backdoors

Cronjob Backdoors

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good example of this is the shell_exec function which allows plain shell commands to be run directly through the web application, ... Read More