Levent Unal

Corrected Yara rule for the Wiper malware

Ars Technica recently published an article about the “wiper” malware. In that article they published a Yara rule provided by the FBI. However, the rule does not work due to a syntax error. The following rule corrects the syntax error and can be used with Yara 3.2.0. Happy hunting!

Massive WordPress attacks are in progress

I have seen a lot of brute-force attempts made against my site lately. In fact, the unsuccessful login attempts using the “admin” user id have increased 300-fold. My preliminary investigation showed that all of the offending systems are running Linux. Compromised systems include online retailers, academic institutions, and individuals. Upon investigating offending hosts, I […]