JoomDonation Compromised
Daniel Cid We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into…
Month: November 2014
13 posts
Typos Can have a Bigger Impact Than Expected
Fioravante Souza Have you ever thought about the cost of a typo? You know what I mean, a simple misspelling of a word somewhere on your website.…
Protecting Against Unknown Software Vulnerabilities
Bugs exist in every piece of code. It is suggested that for every 1,000 lines of code, there are on average 1 to 5 bugs…
Website Malware Removal: Phishing
Joseph Herbrandson As we continue on our Malware Removal series we turn our attention to the increasing threat of Phishing infections. Just like a fisherman casts and…
Security Advisory – High severity – WP-Statistics WordPress Plugin
Marc-Alexandre Montpas If you’re using the WP-Statistics WordPress plugin on your website, now is the time to update. While doing a routine audit for our Website Firewall…
RSS Reveals Malware Injections
Denis Sinegubko There are multiple different ways to detect invisible malware on a website: You can scrutinize the HTML code of web pages. Use external scanners like…
Deep Dive into the HikaShop Vulnerability
It’s been two months since our disclosure of an Object Injection vulnerability affecting versions <2.3.3 of the Joomla! Hikashop extension. The vulnerability allowed an attacker…
The Art of Website Malware Removal – The Basics
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand…
The Psychology Behind Why Websites Get Hacked
It’s an everyday conversation for security professionals that interact with new customers. The one where we have to explain that just because everything seems fine,…
The Dangers of Hosted Scripts – Hacked jQuery Timers
Google blacklisted a client’s website claiming that malicious content was being displayed from “forogozoropoto(dot)2waky (dot)com”. A scan didn’t reveal anything suspicious. The next step was…
Combat Black Hat SEO Infections with SEO Insights
Alycia Mitchell Black hat SEO spam is the plague of the internet, and the big search engines take it seriously. One of the worst spam tactics on…