PoC targeting critical Apache Struts bug found online

The discovery was made barely two days after the release of a patch that fixes the critical flaw in the web application framework. Researchers have discovered freely available proof-of-concept (PoC) code that can be used to exploit a critical security hole in the Apache Struts 2 web application framework shortly after the vulnerability was disclosed … More PoC targeting critical Apache Struts bug found online

Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole

Last week, our friends at Sucuri sent us a modified version of an Apache webserver redirecting some of its requests to the infamous Blackhole exploit packs. Sucuri has published a blog post on this attack. Our analysis of this malware, dubbed Linux/Cdorked.A, reveals that it is a sophisticated and stealthy backdoor meant to drive traffic … More Linux/Cdorked.A: New Apache backdoor being used in the wild to serve Blackhole