Targets of the day - SANS Internet Storm Center

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Targets of the day
So, on a sunday morning, I was watching some hacker activities. These hackers were doing the following pattern: - Using bots based on Perl - Querying Google for parts of the urls that may identify some applications, using the "inurl:" parameter. - Scanning the Google results sites for vulnerable applications - Exploit those applications in a way to run remote commands on the machine, giving orders like download additional software to the machine, like the same perl bot. As the "plat du jour" , the following services/applications were being scanned, using google: - modules/tinycontent - flashchat - /xgallery/ - webcalendar So, if you use any application that contains these strings in the url that makes easy for them to find your site, beware and check for additional updates on these applications! --------------------------------------------------------------------------------------- Pedro Bueno < pbueno //&&// isc. sans. org >	Pedro 155 Posts ISC Handler Aug 26th 2007
Thread locked Subscribe	Aug 26th 2007 1 decade ago