Get a Pentest and security assessment of your IT network.

News

Lizamoon attacks and generic detection

“Lizamoon” attacks are a rapidly spreading bit of SQL injection named for the domain that hosted the script dropped onto a variety of web sites. SID 13989 is the rule you want to make sure is enabled when running a Sourcefire/Snort box. It was originally written to deal with SQL injection attacks similar to the Asprox trojan. The rule has the handy benefit of picking up a number of different attacks that are being obfuscated via use of the char() function.”]

Source: https://blog.talosintelligence.com/2011/04/lizamoon-attacks-and-generic-detection.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2