Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers are in the background working nonstop to create malicious, fraudulent websites as well as take advantage of legitimate ones. Main Cyber Monday Threats Phishing Pages One More Info »
Tag Archives: Redirects
Saskmade[.]net Redirects
Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of the scripts injected by this attack. The general idea of the malware is the same, but the domain name and obfuscation has changed slightly. For More Info »
Malicious Redirects from NewShareCounts.com Tweet Counter
When Twitter announced their new design for “Tweet” and “follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the new design came with a decision to nuke their beloved Tweet count feature. Social signals can be a huge credibility indicator for visitors and site content. Who doesn’t think there’s a psychological More Info »
Persistent Malicious Redirect Variants
It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to tell, etc. But what if your “old friend” was on the criminal side of things and you are meeting him more often than you actually like? Moreover, when you see More Info »
How to Improve Website Resilience for DDoS Attacks – Part I
Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery. DDoS attacks More Info »
From Baidu to Google’s Open Redirects
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised third-party sites and a couple of day later they began More Info »
Malicious Activities with Google Tag Manager
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But when malicious behavior ensues, everything should be double-checked and suspected, even assets that come from “trusted sources” like Google, Facebook, and Youtube. In the past, More Info »
Reverse Javascript Injection Redirects to Support Scam on WordPress
Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs Note. The campaign attempts to redirect visitors to a bogus Windows support page claiming that their computers are infected with ‘riskware’ and will be disabled unless they call what More Info »
How to Avoid Malicious Cyber Monday Campaigns
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns to capitalize on the profits. In past years, targeted Cyber Monday phishing emails posed a huge risk to consumers. These emails, designed to appear from More Info »
Ecommerce Security: Fake Jquery Used as CC Scraper
In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer ended, and believe that trend will continue now that the holiday season is quickly approaching. Most of these attacks are based on intercepting the communication More Info »
