Why Should You Audit Your Website for Security? Most hacks and cyber attacks happen because of poor security practices. The first step you can take to improve your online security is knowing exactly what’s installed on your website. Having a checklist can help you stay on top of website security. Website Audit Checklist Here is More Info »
Reset Email Account Passwords after Website Infection: Follow Up
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always changing. Likewise, the tools used by bad actors are also evolving to evade detection by IDS/IPS and other similar services. cPanel Hosting Environment File Analysis More Info »
The Strange Case of the Malicious Favicon
During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files, along with the creation of “bak.bak” index files peppered around the website. In the majority of the cases, the pattern is similar regardless of the More Info »
Stolen Payment Data: Infected Ecommerce Website to Darknet Markets
The final actor of the stolen payment data supply chain is the end user. Rather than just selling or reselling payment data, the end user plans on fraudulently monetizing it. This malicious end user typically buys payment data in limited quantities, since: The price per stolen data greatly increases from when it was originally sold More Info »
The Cost of a Hacked Website – Survey
As part of our commitment to the website security community, we want to know the true impacts of a website compromise from the owner’s perspective. If you are a business that has dealt with any type of website attack, your participation in this six-minute survey will help us improve our services and support website owners More Info »
Magento Killer
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow the attacker to modify data in the core_config_data table of the targeted Magento database. $ConfKiller: Malicious Operations Used to Steal Payment Info During the initial More Info »
Icegram Persistent Cross-Site Scripting
Icegram is a plugin that helps you collect email addresses for your newsletter. Other features include light-box popup offers, header action bars, toast notifications, and slide-in messengers. Versions 1.10.28.2 and lower are affected by a persistent Cross-Site Scripting in the admin area. This plugin has over 40,000 installations and any attacker with a subscriber account More Info »
7 Things You Should Monitor in WordPress Activity Logs
WordPress activity logs can be helpful when troubleshooting or trying to identify a hack. In this article, you’ll learn about the seven things you should monitor in your WordPress logs. Over the years, WordPress has grown more complex. WordPress is used by people in a variety of environments, ranging from small shops to large enterprises. More Info »
Spam That Fits Your Website
Most of the time when we talk about spam, we think about mindless machines that create posts or comments to advertise a business related to drugs, accessories, or essays. But what if a hacker tried to convince your clients to click on malicious links based on the content of your website? A Customized Spam Campaign More Info »
WordPress Plugin WP Statistics: Unauthenticated Stored XSS Under Certain Configurations
The WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability on versions prior to 12.6.7. This vulnerability can only be exploited under certain configurations—the default settings are not vulnerable. Timeline 2019/06/26 – Initial contact to the developer. 2019/06/27 – Response from the developer, disclosure of More Info »
