Disclaimer: CrowdStrike derived this information from investigations in non-classified environments. Since we value our clients’ privacy and interests, some data has been redacted or sanitized. In our first blog post, “Mo’ Shells Mo’ Problems: Deep Panda Web Shells – Part 1”, we discussed two web shells leveraged by a Chinese threat group we call Deep Panda. In case you forgot, a web shell is a file containing backdoor functionality written in a web scripting language such as ASP, ASPX, PHP, JSP or CFM. When a web shell is hosted on an internet-facing victim system, an adversary can remotely access the system to perform malicious actions. Today we’ll cover one of three ways to help hunt for web shells in your environment: file stacking. We often use this method…
Melbourne IT takes heat for Cold Fusion breach – Security – Telco/ISP
Melbourne IT has admitted to hosting and operating both the Queensland Government and AAPT servers that suffered breaches this week at the hands of hackers purporting to be from an Anonymous splinter group. The group Ops Australia took credit for defacing nine Queensland Government websites related to tourism, science and economic development and stealing a 40 GB trove of customer data…
AAPT hack exploited ‘very old’ Cold Fusion hole – Security – Telco/ISP
The vulnerability used by Anonymous hackers to breach and obtain data from AAPT and Queensland Government websites was “very old”, sources have told iTnews’ sister site SC Magazine. AAPT yesterday confirmed a 12-month-old backup of its business website had been compromised, with hackers retrieving two “historic” data files with “limited personal customer information” compromised. The…
Develop ColdFusion Apps for Free — SitePoint
For web developers who are just starting out, the idea of learning ColdFusion can be daunting, especially given that hosting a commercial site on Adobe ColdFusion server has the potential to be quite costly. While Adobe does provide a free, fully functional developer version of its ColdFusion server, it only allows for a browser from the local machine, plus two IP addresses, to connect at a time. This can place restrictions on the development process. For example, if one was seeking help and wanted to share a work-in-progress with others, Adobe’s development server would prevent this.
Introducing BlueDragon
Enter the dragon! The BlueDragon Server, that is. BlueDragon is a CFML (ColdFusion Markup Language) web server (much like Adobe’s ColdFusion Server), created by a company…