Andrew Martin

Jart and Scott from HostExploit (http://hostexploit.com/) have put together another paper on bad hosting providers, this time giving an overview of 50 that host a great deal of malicious code. The ranking is based on a mathematical calculation, which is included in the report. To be absolutely clear, these providers are not knowingly acting as [...]

I’m a few days late for posting this but the HostExploit team has produced another report, this time on an attack dubbed “MalFI” for malicious file inclusion. This encompasses remote file inclusion (RFI), local file inclusion (LFI) and Cross Server Attack (XSA). The report had been in the works for quite some time and while [...]

Now that the report has hit mainstream media outlets, I am pleased to report that Real Host has been taken down. Score another one for the good guys! The story was first published by the Financial Times of London With follow up stories from: Network World The Inquirer CIO Magazine Information Security Magazine Sunbelt Software [...]

It’s been awhile since I posted unfortunately, but it’s not due to a lack of attacks to talk about! Some time ago I was approached by the Host Exploit open source security research group and they asked me if I would help contribute to their efforts. This is the group that put together research that [...]