Bash Vulnerability is a family of security bugs in the widely used Unix Bash shell. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer […]
We found lot off new activies again somekind bot network: If we look this line number 19: wp-load.php from auditlog and found there cookie ID & CODE payload (php eval): Our commerical ModSecurity rules detect these and block them!
PHP backdoors are server-side malicious scripts. The typical example of such backdoors are various File Managers, Web Shells, Command Shells, tools for bypassing admin login or various one-purpose scripts allowing the attacker to upload and run another type of malicious scripts. The payload is PHP based, thus intended for server-side use and the payload is […]
To extra protect your SSH server with an two-factor authentication, you can use the Google Authenticator PAM module. Every time you login ssh to server you have to enter extra the code from your smartphone. note: If you activate the google-authenticator for a normal user but not for root you can’t login with the root […]
Securing your Linux server is important to protect your and customers data, intellectual property, and time, from the hands of crackers/hackers. The system administrator is responsible for security Linux Server. 1. Use only Encrypt Data Communication Because all data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible with password or […]
The HTTPOXY vulnerability which has been found recently is a vulnerability that affects applications that run in cgi or cgi-like environments. This means that the issue affects almost all web servers including Apache and Nginx and also most PHP applications. Even the mod_php mode on apache is affected. There is a common system environment variable […]