Tag Archives: Website Security

Steps to Keep Your Site Clean: Updates

This is the second post of a series about Steps to Keep Your Site Clean. In the first post, we talked about Access Points; here we are going to offer more insight on Updates. Updates Repeatedly we see websites being infected or reinfected when important security updates are not taken seriously. Most software updates are created More Info »

From Baidu to Google’s Open Redirects

Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised third-party sites and a couple of day later they began More Info »

Malicious Activities with Google Tag Manager

If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But when malicious behavior ensues, everything should be double-checked and suspected, even assets that come from “trusted sources” like Google, Facebook, and Youtube. In the past, More Info »

Content Security Policy

As a website owner, it’s a good idea to be aware of the security issues that might affect your site. For example, Cross-site Scripting (XSS) attacks consist of injecting malicious client-side scripts into a website and using the website as a propagation method. You probably know too that client-side scripts can be programmed to do More Info »

Unwanted Ads via Baidu Links

The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then. Some of the changes were documented asUpdates at the bottom of the original blog post, however, every week we see minor modifications in the way they obfuscate the scripts or the files they inject them into. More Info »

Hacked Website Trend Report – 2017

We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the Incident Response Team (IRT) and the Malware Research Team (MRT). The data presented stems from the analysis of 34,371 infected websites summarizing the More Info »

GitHub Hosts Infostealers Part 2: Cryptominers and Credit Card Stealers

A few days ago, we reported that hacked Magento sites had been pushing infostealing malware under the disguise of Flash player updates. In this post, we’ll reveal how this recent attack is related to an extremely hot topic – cryptocurrencies and cryptomining. Infostealer Analysis The malware binary files we found were packed with Themida, so More Info »

GitHub Hosts Lokibot Infostealer

A few months ago, we reported on how cybercriminals were using GitHub to load a variety of cryptominers on hacked websites. We have now discovered that this same approach is being used to push binary “info stealing” malware to Windows computers. Infected Magento Sites Recently, we identified hundreds of infected Magento sites with the following injected More Info »