Malicious PHP upload attempts have been ramping up over the past week. I am beginning to wonder if we are starting to see some more activity from botnets, possibly related to recent DSL & GPON exploit attempts (D-Link & DSL-2750B).
I thought about writing up a short article on exploitation attempts I have been seeing in the wild. This website, services.vcodispot.com, and associated .onion versions sit behind Suricata IPS. Suricata is an open source Network Intrusion Detection System (IDS) or
Accessing Vulnerable Windows Workstations on Network. (Updated 6/4/2018) Microsoft has taken preventative measures against vulnerabilities that exist with SMBv1 by no longer including the network protocol after the Windows 10 Fall Creators Update and Windows Server, version 1709