My Website Was Blacklisted By Google and Distributing Email Spam
Val Vesa Being blacklisted by Google is one of the worst things that can happen to a website. The public shame coming from every visitor being stopped…
Month: April 2015
11 posts
Critical Persistent XSS 0day in WordPress
Marc-Alexandre Montpas *Update 2015-04-27*: A patch has been released and made available by the WordPress Core Team in version 4.2.1 – Please update immediately. Yes, you’ve read…
Magento Shoplift (SUPEE-5344) Exploits in the Wild
Daniel Cid As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it…
Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins
Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by…
Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!
The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more than two months…
Critical Microsoft IIS Vulnerability Leads to RCE (MS15-034)
Rafael Capovilla Microsoft just disclosed a serious vulnerability (MS15-034) on their Web Server IIS that allows for remote and unauthenticated Denial of Service (DoS) and/or Remote Code Execution…
Impacts of a Hack on a Magento Ecommerce Website
Denis Sinegubko Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience. In this…
How To Create a Website Backup Strategy
Keir Desailly We’ve all heard it a million times before – backups are important. Still, the reality is that even today, a website backup strategy remains one…
FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities
The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited…
Security Advisory: Persistent XSS in WP-Super-Cache
During a routine audit for our Website Firewall (WAF), we discovered a dangerous persistent XSS vulnerability affecting the very popular WP-Super-Cache plugin (more than a…
Website Malware – The SWF iFrame Injector Evolves
Peter Gramantik Last year, we released a post about a malware injector found in an Adobe Flash (.swf) file. In that post, we showed how a SWF…