The session covers targeted attacks on Apache and other web servers such as nginx and lighttpd. The attacks usually start with an exploit which allows the attacker to plant a modified httpd executable or a malicious module. It will investigate the attack phases, malicious components and actors behind it. Securing non-Windows servers plays an important part in the fight against cyber crime.