WebOrion® / Security Articles
WebOrion® launches Javascript Malware Detection Engine (JME)

WebOrion® is pleased to announce the launch of our new Javascript Malware Detection Engine(JME). The JME adds to the powerful capabilities of our WebOrion® Monitor to detect defacements, malicious scripts and other website threats. Today, practically every website uses JavaScript. The power and flexibility of a scripting language embedded within the browser has allowed websites to be more dynamic...

Read More
AWS CloudGoat and mitigation strategies: Part 5

AWS Cloudgoat and mitigation strategies Part 5 This is part 5 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. This part of the article presumes that Cloudgoat has already been configured. Please refer to part 1 of this series to see how to install and configure Cloudgoat.   Scenario 7: Stealing secrets using CloudBuild Description: Starting as the IAM user “Solo”, the attacker discovers...

Read More
AWS CloudGoat and mitigation strategies: Part 4

AWS Cloudgoat and mitigation strategies Part 4 This is part 4 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenario 6. This part of the article presumes that Cloudgoat has already been configured. Please refer to part 1 of this series to see how to install and configure Cloudgoat. Scenario 6: rce_web_app Description: Start as the IAM user...

Read More
AWS CloudGoat and mitigation strategies: Part 3

AWS Cloudgoat and mitigation strategies Part 3 This is part 3 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenarios 4 and 5: Scenario 4: Privilege escalation via EC2 instance (iam_privesc_by_attachment) Scenario 5: Privilege escalation via SSRF web application exploit (ec2_ssrf) testerjm.pem --region us-east-1 --profile kerrigan Next just set the permission on the SSH key on...

Read More
AWS CloudGoat and mitigation strategies: Part 2

AWS Cloudgoat and mitigation strategies Part 2 This is part 2 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenarios 2 and 3: Scenario 2: Privilege escalation via AWS Lambda (lambda_privesc) Scenario 3: Misconfigured EC2 Reverse Proxy to S3 Breach (cloud_breach_s3)...

Read More
AWS CloudGoat and mitigation strategies: Part 1

Introduction As cloud computing is becoming mainstream, the security concerns associated with it has been increasing as well.Most of the public cloud users understand that this is a shared responsibility between the cloud provider and the users as well. According to Gartner, 95% of all cloud security failures are due to misconfigurations. We thought that this would be a good way to highlight...

Read More
Unpatched Code Snippets Plugins Puts over 200,000 WordPress Sites at Risk

More than 200,000 websites using WordPress with unpatched open-source code snippets allows attackers to take over WordPress sites due to missing referrer checks on the import menu. (Figures are based on the number of active installations in the WordPress Library). Wordfence researchers explained that “The plugin developer protected nearly all endpoints of this plugin with WordPress “nonces” for greater security. However, the...

Read More
Ransomware Attacks and How They Affect Your Website

Ransomware is an especially nasty attack that holds your data hostage until you pay the attacker a fee. This fee can be anywhere from $50 to several thousands of dollars. If you don’t pay, usually the attacker continues to increase the fee until you are forced to wipe your server’s hard drive and start over. Unless you have a backup,...

Read More
Five Ways a Website Can be Hacked

In today’s world, one must think twice before claiming that (s)he is safe from hackers. Be it ordinary individuals, small companies, large technology corporations or even governments with vast resources, it seems everybody falls victim to a hacking incident these days. We collected the top 6 risk factors affecting most websites. The list aims to give you a quick 360° panorama...

Read More
Best Practices to Address Web Defacements

Web defacement is one of the biggest security challenges to any organization that is running online. Web defacement is typically done by hackers who break into a web server and replace the hosted website with one of their own, using techniques such as phishing, code injection, cross site scripting etc. Common targets of defacement are religious websites, govern­ment websites, bank...

Read More