Exploiting Log4j vulnerability in VMware vCenter CVE-2021-44228
Very recently I felt that one of my virtual machines was infected by malware, and I was thinking about restoring it to a clean snapshot, but then I thought, let’s find other ways to identify and block these types of attacks. There were a few more issues I wanted to resolve on my network, which included blocking advertisements on the pages I visit, blocking all malicious IOCs over the network, etc. Also, one of the games I play on PS4, Battlefield 4, wasn’t able to connect to online gaming due to DNS blocking at the ISP, etc.
I started doing my research, where I discovered “Pi-hole”. Basically, Pi-hole is a network-wide advertisement-blocking solution (DNS server) that can be installed on a virtual machine or on your own hardware, e.g. a Raspberry Pi 3 in my case.
In my everyday malware reverse engineering experience I come across multiple website injections by malware. These malware samples are very much unique and cannot be found easily using search strings. Recently I was given the task of cleaning malware from an infected website. The website was using the very famous WordPress CMS. When I searched the internet I found multiple exploits which can be used to upload a backdoor into any website which is vulnerable due to an outdated Slider plugin.
Every website needs to be trusted by its users for it to be successful. Growing concerns about fake sites, viruses, and identity theft have made consumers reluctant to do business online or post their information on websites that have not followed any security measures.
Malware is not going away any time soon. Malware is growing, developing and constantly evolving. It is becoming more difficult to detect, and even harder to remove. Your computer is constantly at risk from infection by malware in the form of viruses, worms, trojans, rootkits, dialers and spyware.