The Trickster Hackers – Backdoor Obfuscation and Evasion Techniques
A backdoor is a method for bypassing the normal authentication or encryption of a system. Sometimes developers construct backdoors to their own programs for various reasons. For example, to provide easy maintenance, developers introduce a backdoor that enables them to restore the manufacturer’s default password. On the other side, very ... Read More
New research shows 75% of ‘open’ Redis servers infected
Since our initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, we’ve been hearing about more and more attacks on Redis servers. Redis is a great tool, it can serve as in-memory distributed database, cache or a message broker and is widely popular. Redis is ... Read More
Drupalgeddon 2.0: Are Hackers Slacking Off?
Ever since March 28th, when Drupal published a patch for a RCE named Drupalgeddon 2.0 (SA-CORE-2018-002/CVE-2018-7600), Imperva has been monitoring our cloud looking for hackers’ attempts to exploit the vulnerability, but found nothing. Until today. It somehow seems fitting that nefarious activity picked up today, Friday the 13th. After a ... Read More
RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits
Recently cryptojacking attacks have been spreading like wildfire. This week we saw a new generation of cryptojacking attacks aimed at both database servers and application servers. We dubbed one of these attacks RedisWannaMine. Read on ... Read More
