Tag Archives: Website Security

Understanding & Stopping Malicious Redirects

Many website owners don’t know they’re infected with malicious redirects until they start getting calls from wary customers. Instead of the site they were expecting, it loaded some pretty shady content from the nether reaches of the internet. Malicious redirects are caused by hackers injecting scripts into infected sites that send visitors to destinations where More Info »

YouTube Account Recovery Phishing

Phishing attacks against targeted channels have been successful in the past, as explained last year on ZDNet. Recently, our Remediation team found an interesting phishing page following a similar pattern that was targeting YouTube creators. Phishing Behavior The phishing campaign, which was initially discovered on a compromised WordPress website, is made up of two pages More Info »

New Drupal Website Security Best Practices Guide

When it comes to content management systems (CMS) for websites, Drupal is a highly flexible and extendible open-source solution. It is often preferred by technical developers and large government and educational websites. Because of this, the Drupal community is strongly committed to keeping the software secure. But no software can be completely immune from vulnerabilities More Info »

What is Geolocation?

The Firewall service deploys various heuristic checks and methods to protect your site. One of our most popular security settings, and questions, utilizes geolocation in order to protect and filter requests made to your site depending on where that user/client is. This setting is our ‘GeoBlock’ feature. How does the firewall GeoBlock? With geolocation information More Info »

Obfuscated WordPress Malware Dropper

It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make it unreadable to the naked eye. In our recent post we demonstrated how the PHP function file_put_contents is used to inject malicious data into a More Info »