Update on Net-Worm.Perl.Santy.a and phpBB vulnerabitlity

Research

21 Dec 2004

minute read

Authors

Roel Schouwenberg

Further analysis has shown that although older versions of phpBB are vulnerable, phpBB 2.0.11 is not.

Therefore we strongly urge everyone to update to phpBB 2.0.11 to prevent infection by this Worm.

Authors

Roel Schouwenberg

Update on Net-Worm.Perl.Santy.a and phpBB vulnerabitlity

Latest Posts

Latest Webinars

Reports

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Lazarus targets employees of a nuclear-related organization with a bunch of malware, such as MISTPEN, LPEClient, RollMid, CookieTime and a new modular backdoor CookiePlus.

Update on Net-Worm.Perl.Santy.a and phpBB vulnerabitlity

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

ZeroLocker won’t come to your rescue

A Post-PC BlackHat?

Adobe Updates April 2014

Trust. Trust. Trust

Adobe’s First Patch Tuesday of 2014

DCRat backdoor returns

Mercedes-Benz Head Unit security research report

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Threats in space (or rather, on Earth): internet-exposed GNSS receivers

Loose-lipped neural networks and lazy scammers

Latest Posts

Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool

Mobile malware evolution in 2024

The SOC files: Chasing the web shell

Exploits and vulnerabilities in Q4 2024

Latest Webinars

Silent shields & digital dragons: MDR’s proactive protection

From chaos to control: streamlining detection engineering in Security Operation Centers

Сrimeware and financial cyberthreats in 2025

Global IT outages and supply chain attacks: 2024’s lessons and tomorrow’s cyberthreats

Reports

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Lazarus group evolves its infection chain with old and new malware

Subscribe to our weekly e-mails