Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular scripting language — which is likely why attackers are creating malware to target environments which leverage it.
During a recent investigation, our team stumbled across some malicious code which is used to inject a .user.ini file into a PHP 7 environment and add zend.assertions = 1.
Continue reading Using assert() to Execute Malware in PHP 7 Environments at Sucuri Blog.
The post Using assert() to Execute Malware in PHP 7 Environments appeared first on Security Boulevard.
The post Using assert() to Execute Malware in PHP 7 Environments first appeared on Malware Devil.
https://box2142.temp.domains/~malware7/2020/09/01/using-assert-to-execute-malware-in-php-7-environments/?utm_source=rss&utm_medium=rss&utm_campaign=using-assert-to-execute-malware-in-php-7-environments
No comments:
Post a Comment