Remaining week, the Google has introduced the first SHA-1 collision attack and CWI seems to have a serious impact on repositories which use the Apache Subversion(SVN) software versioning and revision manipulate gadget. The builders of the WebKit net browser engine have noticed some severe troubles after their attempt to add a check for the SHA-1 […]
Short Bytes: Apache OpenOffice, the open source office suite, is considering retirement. An email by the VP of OpenOffice has thrown light on the possible retirement of the office suite in the coming future. The project has not been able to push regular updates due to lack of volunteer developers, who have shifted to LibreOffice. One […]
An unmodified default setting in Apache Web Servers revealed crucial details related to TOR traffic that passed through that server. It is a well-known fact that the hidden areas (or underworld) of the Internet such as The Dark Web can only be accessed through specialized services like I2p or Tor because these services are restricted […]
Default Settings In Apache Servers Can Leak Details about Tor traffic. This has happened the second time in this week. Leaving default setting open after the product has been released can cause serious problems for the product users. Earlier we had MediaTek leaving a debug tool meant for developers open after shipping which could let potential […]
This comprehensive look at the problems of malware on Linux Apache web servers explains the threats to business and helps you figure out if your organization is likely to be affected.
Analysis of a malicious backdoor serving Blackhole exploit pack found on Linux Apache webserver compromised by malware dubbed Linux/Cdorked.A, together with remediation tool and techniques.
Apache modules are add-on code taking advantage of the Apache module API to extend the functionality of the standard Apache distro. In this case, the binary’s functionality was malicious, but there is no exploitation of a known Apache vulnerability in this case.
More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, we were understandably concerned.
If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare