Date Author Title
2022-04-04Johannes UllrichEmptying the Phishtank: Are WordPress sites the Mosquitoes of the Internet?
2022-02-02Johannes UllrichFinding elFinder: Who is looking for your files?
2022-01-16Guy Bruneau10 Most Popular Targeted Ports in the Past 3 Weeks
2021-12-04Guy BruneauA Review of Year 2021
2021-11-30Johannes UllrichHunting for PHPUnit Installed via Composer
2021-10-30Guy BruneauRemote Desktop Protocol (RDP) Discovery
2021-03-10Rob VandenBrinkSharpRDP - PSExec without PSExec, PSRemoting without PowerShell
2020-08-22Guy BruneauRemote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common?
2020-07-21Jan KoprivaCouple of interesting Covid-19 related stats
2020-04-07Johannes UllrichIncrease in RDP Scanning
2019-11-05Rick WannerBluekeep exploitation causing Bluekeep vulnerability scan to fail
2019-08-22Xavier MertensSimple Mimikatz & RDPWrapper Dropper
2019-08-05Rick WannerScanning for Bluekeep vulnerable RDP instances
2019-07-18Xavier MertensMalicious PHP Script Back on Stage?
2019-05-22Johannes UllrichAn Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2019-02-07Bojan ZdrnjaUAC is not all that bad really
2018-12-16Guy BruneauRandom Port Scan for Open RDP Backdoor
2018-06-13Xavier MertensA Bunch of Compromized Wordpress Sites
2018-01-09Jim ClausingAre you watching for brute force attacks on IPv6?
2017-05-05Xavier MertensHTTP Headers... the Achilles' heel of many applications
2017-02-04Xavier MertensDetecting Undisclosed Vulnerabilities with Security Tools & Features
2015-03-13Guy BruneauBlind SQL Injection against WordPress SEO by Yoast
2014-11-20Johannes UllrichCritical WordPress XSS Update
2014-07-22Daniel Wesemann WordPress brute force attack via wp.getUsersBlogs
2014-06-19Tony CarothersWordPress and Security
2014-03-12Johannes UllrichWordpress "Pingback" DDoS Attacks
2013-08-13Swa FrantzenMicrosoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
2012-05-22Johannes Ullrichnmap 6 released
2012-04-21Guy BruneauWordPress Release Security Update
2012-03-16Russ McReeMS12-020 RDP vulnerabilities: Patch, Mitigate, Detect
2012-03-01Bojan ZdrnjaMonitoring Remote Desktop Services logs ... or not?
2012-01-05Russ McReeWordPress 3.3.1 fixes 15 issues with WordPress 3.3 including XSS. Download 3.3.1 or visit Dashboard --> Updates in your site admin panel.
2011-09-12Johannes UllrichMore RDP Worm Variants?
2011-08-25Kevin ShorttIncreased Traffic on Port 3389
2011-08-03Johannes UllrichPort 3389 / terminal services scans
2011-06-30Guy BruneauWordPress 3.1.4 Security Update - http://wordpress.org/news/2011/06/wordpress-3-1-4/
2011-06-22Guy BruneauWordPress Forces Password Reset
2011-04-18John BambenekWordpress.com Security Breach
2011-02-08Mark HofmanWordPress 3.0.5 (and 3.1 RC4) are out
2010-12-30Johannes UllrichCritcal Wordpress Security Update http://wordpress.org/news/2010/12/3-0-4-update/
2010-12-02Kevin JohnsonSQL Injection: Wordpress 3.0.2 released
2010-05-19Kyle HaugsnessWordpress blog attacks... again
2010-05-10Toby KohlenbergAnother round of WordPress Attacks
2010-02-05Jim ClausingWordPress iframe injection?
2009-11-30Bojan ZdrnjaDistributed Wordpress admin account cracking
2009-10-21Pedro BuenoWordPress Hardening
2009-10-09Rob VandenBrinkCyber Security Awareness Month - Day 9 - Port 3389/tcp (RDP)
2009-08-11Swa FrantzenWordpress unauthenticated administrator password reset
2008-09-09Swa Frantzenwordpress upgrade
2008-04-23Mari NicholsWhat's New, Old and Morphing?