I’ve been digging through some PHP files that are trying very hard to hide what they are doing. Basically, the PHP code is base64 encoded and then compressed. The blob of random text is then stuffed into a PHP file which calls to decode it and execute it on the web server. While it obscures [...]
Tags: incident response, malicious php, obscured malicious code
Having a solid incident response capability isn’t an accident. It’s the result of focused preparation, training and culture. Incidents come at unexpected times, frequently with little warning, and can have a severe impact on an organization. It’s during these times that inadequate planning, documentation and missing tools become painfully apparent. That high level incident response [...]
Tags: computer incident, incident response, preparation, security incident
One of the most disheartening things about the Gulf of Mexico disaster is to watch BP, the government and other involved parties appear to make up their response as they go along. Aren’t oil companies required to plan for failures and how to recover from them? As it turns out yes, they are. Tonight I [...]
Tags: incident response, lessons learned, planning for disaster
