Why You Should Care about Website Security on Your Small Site

Most people assume that if their website has been compromised, there must have been an attacker evaluating their site and looking for a specific vulnerability to hack. Under most circumstances however, bad actors don’t manually hand-pick websites to attack since it’s a tedious and time consuming process. Instead, they rely on automation to identify vulnerable More Info »

Magento Credit Card Stealer Reinfector

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes. In this post, we describe one of More Info »

How APIs Can Streamline Your Operations

Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern. How late do I need to stay up tonight? How much longer will this take? What did I miss? I’ve heard this communicated a More Info »

Shell Logins as a Magento Reinfection Vector

Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php; These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate. More Info »

An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the ease of mining at the expense of system administrators, website owners, and their visitors. Another Way Hackers are Tricking Website Visitors into Stealth Cryptomining The latest of these new techniques More Info »