The WordPress security plugin Wordfence published a blog entry in which one of its techs who works on cracking malware walks through the steps of a recent day, analysing and developing responses to specific threats.
While the post seems at first to be highly technical, it's quite readable by the informed layperson, and quite interesting to see. It also deflates the cryptocurrency clickbait headline by noting that it could have been running anything off the site; it just happened to be doing CCs.
One of our sources of threat data at Defiant is cleaning hacked websites. In this case, Ivan, a member of our SST team, had cleaned a hacked site and handed me the forensic data for analysis. The site had been hacked for months before the owner discovered that it had been compromised.
My normal routine is to start by verifying the files we already detect to check if there is any new information inside any of them.