Our last article explored trends we were seeing against WordPress and something became very evident – Arbitrary File Vulnerabilities ranked #1 for vulnerabilities being scanned for. Although the scope of our tests were limited, it does a lot to help better defenders better understand the tactics, techniques and procedures (TTP) being employed by bad actors. Why Arbitrary […]
Author: Tony Perez
Evolving the CDN / WAF Stack
A decade ago we built our first CDN/WAF solution. It was built from a need to keep websites from getting reinfected. At the time, our company was focused on identifying and remediating hacked websites. What we learned in the process is that it really doesn’t matter what you tell a website owner, they will rarely […]
Steps To Recovering Servers Post-Hack
After a hack, should an organization restore its servers from a new OS or from the backup? This is the question that we were posed with during a recent incident response case. The organization had been given two very different opinions, and wanted to know what we would do. The recommendations they had received came […]