I specialize in identifying, analyzing, and mitigating threats in server environments with a focus on ensuring system security and implementing robust preventive measures.
Get In TouchCommunicative, compliant team player with a supportive nature, passionate about cybersecurity and technology.
Athens, Greece
info@kbourdakos.gr
KKAA Solutions (Κ. ΜΠΟΥΡΔΑΚΟΣ & ΣΙΑ Ε.Ε.)
AFM: 801985029
CloudLinux
I specialize in identifying, analyzing, and mitigating threats in server environments. My role focuses on ensuring system security by detecting malicious activities, removing malware, and implementing robust preventive measures.
Leveraging cutting-edge tools and techniques, I work to safeguard web hosting platforms and enterprise environments against evolving cyber threats.
KKAA Solutions (Κ. ΜΠΟΥΡΔΑΚΟΣ & ΣΙΑ Ε.Ε.)
Registered malware remediation and incident response consultancy serving hosting providers and digital agencies across Europe. On-demand forensic cleanup of compromised web servers — root cause analysis, backdoor hunting, database inspection, and evidence-backed reporting across cPanel, Plesk, and DirectAdmin environments.
team.blue Group of Companies
Applying state of the art Web Hosting technologies while ensuring the deliverability of our services in a client oriented ecosystem.
CloudLinux
Providing consulting services of technical support for Imunify360 security products, a next-generation security solution built for Linux servers.
OTE Group of Companies (HTO)
System Administration & Operations of Hellenic Telecommunications Organization SA as part of Deutsche Telekom Group Of Companies. Accounts Involved t-Albania, t-Romania, TMNL, Coca-Cola & OTE Core.
KBourdakos Computer Systems
Duties Involved: Building OEM Systems, Contracts of Support, Sales/Retail, Imports/Exports (EU/USA), In-House Custom App Development, Web Hosting, Customer Support.
Piraeus University of Applied Sciences
University of Cambridge
Queen Mary's College, Basingstoke
The crontab looked empty. The .profile had a system comment. The .bashrc seemed normal. All three were hiding gsocket reverse shells using ANSI escape codes that erase themselves from terminal output.
Read Article
I cleaned the spam. The database undid it. Inside a 4-layer self-healing WordPress infection that uses MySQL triggers to block its own removal.
Read Article
Deep dive into a server-side credit card skimmer injected into Magento vendor checkout files, using multi-pass XOR encryption to silently exfiltrate payment data for 7 months.
Read Article
How attackers exploit CVE-2024-34102 to deploy PHP webshells disguised as JPEG images, evading scanners that filter by file extension.
Read Article
How a WordPress backdoor survives complete file deletion by storing its payload in the database and regenerating itself on every HTTP request.
Read Article
Analysis of the recent surge in CVE-2017-9841 exploitation attempts targeting PHPUnit's eval-stdin.php for remote code execution.
Read Article
Analysis of a dangerous WordPress plugin that creates hidden admin users and maintains backdoor access.
Read Article