Tag Archives: Website Security

Hackers Change WordPress Siteurl to Pastebin

Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to erealitatea[.]net. At that time it was not clear who was behind the massive attack, since the erealitatea[.]net domain didn’t work and the infection simply broke the compromised sites. Our SiteCheck scanner More Info »

10 Tips to Improve Your Website Security

Having a website has become easier than ever due to the proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joomla!, Drupal, Magento, and others allow business owners to build an online presence rapidly. The CMS’s highly extensible architectures, rich plugins, and effective modules have reduced the More Info »

Web Marketers Should Learn Security

Most online marketers think of themselves as T-shaped individuals. The theory behind this concept is that individuals possess a wide range of skills, with some abilities running deeper than others. Website security awareness is in short supply and we need more champions — especially among small and medium-sized businesses. Digital marketers are in a prime More Info »

OWASP Top 10 Security Risks – Part II

It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we have started a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External More Info »

Malicious Redirects from NewShareCounts.com Tweet Counter

When Twitter announced their new design for “Tweet” and “follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the new design came with a decision to nuke their beloved Tweet count feature. Social signals can be a huge credibility indicator for visitors and site content. Who doesn’t think there’s a psychological More Info »

Security Monitoring Saves the Day

For the second week of  National Cyber Security Awareness Month, we would like to focus on a very important part in having a good website security posture: monitoring. How can security monitoring save your day? Most people only care about their website security after something bad has already happened. However, how can you tell when More Info »

Obfuscated JavaScript Cryptominer

During an incident response investigation, we detected an interesting piece of heavily obfuscated JavaScript malware. Once decoded, we found out that cryptominers were running on visitor’s computers when they accessed our customer’s website. We have previously discussed how cryptomining can happen in many covert ways. In this post, we will show you how a malicious code More Info »

OWASP Top 10 Security Risks – Part I

It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we would like to start a series of post on the OWASP top 10 security risks. OWASP stands for the Open Web Application Security Project, an online community that produces articles, methodologies, documentation, tools, and More Info »