Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

PHP website compromised

Forcepoint : 29 October, 2013  (Technical Article)
Websense comments on the infection of the PHP.net site which sets out to redirect users to Magnitude Exploit Kit
PHP website compromised

Websense Security Labs has discovered that PHP.net has been compromised, serving up obfuscated content. PHP.net is a site currently ranked 220 on the Alexa ranking system.

The goal of this injection was to redirect users to the Magnitude Exploit Kit (MEK), which attempts to exploit Adobe and Java platforms, among others, in order to serve up generic Ransomware.

Google Safe Browsing has also alerted users to the infection or compromise - a member of Google's staff has posted on a number of forums to confirm that this is a true positive.

Commenting on the compromise, Carl Leonard, Senior Security Research Manager EMEA at IT Security firm Websense said, “The ultimate goal of this injection was to redirect users to the Magnitude Exploit Kit (MEK), which attempts to exploit Adobe and Java platforms, among others, in order to serve up generic Ransomware. Here we see cybercriminals focusing on another high Alexa-ranking website, this time targeting users of a very popular programing language, PHP. Popular sites will always be a target for the bad guys, and without inline real-time defences that offer point-of-click protection, users will not be protected from visiting a website that can be compromised one moment and clean the next.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo