SANS ISC

[SANS ISC] Cryptominer Delivered Though Compromized JavaScript File

I published the following diary on isc.sans.org: “Cryptominer Delivered Though Compromized JavaScript File“: Yesterday I found an interesting compromised JavaScript file that contains extra code to perform crypto mining activities. It started with a customer’s IDS alerts on the following URL: hxxp://safeyourhealth[.]ru/wp-content/themes/wp-trustme/js/jquery.prettyphoto.js This website is not referenced as malicious and the

SANS ISC

[SANS ISC Diary] How your pictures may affect your website reputation

I published the following diary on isc.sans.org: “How your pictures may affect your website reputation“. In a previous diary, I explained why the automatic processing of IOC’s (“Indicator of Compromise”) could lead to false positives. Here is a practical example found yesterday. I captured the following malicious HTML page (MD5: