
zero-day attack


How to fix Dirty Cow vulnerability in CentOS, RedHat, Ubuntu, Debian, CloudLinux and OpenSuse Linux servers


The Dirty COW vulnerability was first discovered a decade ago and has been present in Linux kernel versions since 2.6.22, which was released in 2007.

But the vulnerability gained attention only recently, when hackers started exploiting it. This led to the bug being published as CVE-2016-5195 on October 19th, 2016.

How we blocked zero-day malware attacks on websites using NAXSI firewall


On Oct 17th, 2015, we started receiving reports of Magento shops being infected by GuruIncSite malware. We found that attackers were somehow getting access to the Magento admin panel, and were inserting malicious code into websites. Magento’s official site didn’t have any information on the attack, and all that anyone knew was that Magento software had a vulnerability that allowed admin access to attackers.

This is a fairly typical scenario in a zero-day attack. An attack is termed zero-day when the affected software vendor isn’t aware of the vulnerability being exploited, and virtually everyone who uses that software is vulnerable to an attack. Unlike other kinds of attacks, defense against a zero-day attack is harder because no official patch or notification is available from the vendor. Business owners using the vulnerable software are left to fend for themselves until a patch is available.