Cybersecurity blog

Introduction (2017-03-03 22:03:21)
Introduction

The Cybersecurity blog is a place where I can write about all topics relating to online security, web-based attacks, "hacking", exploits, vulnerabilities, penetration testing, etc.

In my work I operate many servers which are connected to the Internet, for myself, my company and my clients. Having a server connected… click to read more

Hidden in Plain Sight: how attackers use obfuscation to hide code (2017-05-26 09:42:11)
Hidden in Plain Sight: how attackers use obfuscation to hide code Introduction

Many articles, including my own, make references to code obfuscation. This article takes a look at what this actually is, as well as why it is often used by attackers to hide malicious code.

What is obfuscation?

Obfuscation… click to read more

Web Exploit Detector: NPM module (2017-04-22 15:23:00)
Web Exploit Detector: NPM module Introduction

As a follow-up to the previous article about my Web Exploit Detector, I am happy to announce that I have just made the project available as an NPM module. This allows the application to be installed, used and updated much more easily than before.

click to read more
Web Exploit Detector: Node.js security scanner (2017-04-16 19:16:33)
Web Exploit Detector Introduction

After detecting some new exploits on one of my web servers, I decided to start work on a new application called the "Web Exploit Detector". This project is open-source and hosted on GitHub, meaning that it's free for anyone to use and, more importantly, anyone can… click to read more

WordPress Hacks: jQuery JS script injection (2017-03-06 22:04:25)
WordPress Hacks: jQuery JS script injection Introduction

In the second of my series of articles about different exploits seen for WordPress sites, I discuss a particular attack that causes all pages on an infected site to redirect to a page of the attacker's choice, which in this case was an… click to read more

WordPress Hacks: functions.php Backdoors (2017-03-03 22:03:48)
WordPress Hacks: functions.php Backdoors Introduction

I recently noticed that a number of our client sites had some suspicious code added to the top of the functions.php file for each of the installed themes. This is an investigation into this code and details of how to remove it.

I am making… click to read more