Security Advisory – Hikashop Extension for Joomla!

Advisory for: Hikashop for Joomla!
Security Risk: High (DREAD score: 7/10)
Vulnerability: Object Injection / Remote Code Execution
Updated Version: 2.3.2

In a routine audit of our Website Firewall we discovered a serious vulnerability within

Website Malware – Curious .htaccess Conditional Redirect Case

I really enjoy when I see different types of conditional redirects on compromised sites. They are really hard to detect and always lead to interesting investigations. Take a look at this last one we identified: The curious aspect about it is

Conditional Malicious iFrame Targeting WordPress Web Sites

We have an email, labs@sucuri.net, where we receive multiple questions a day about various forms of malware. One of the most common questions happens when our Free Security Scanner, SiteCheck, detects a spam injection or a hidden iframe and the user is

WordFence WordPress Security Plugin Pushes a Security Update

If you are one of the many users of the WordPress Security Plugin, WordFence, we highly encourage you to update. They recently pushed out a security update that could be affecting your install. It is important to note, however, that what is interesting

Understanding the WordPress Security Plugin Ecosystem

This post is available in Spanish (Este post está disponible en español). As a child, did you ever play that game where you sit in a circle and one person is responsible for whispering something into one person's ear, and that message gets relayed a

Website Security – Compromised Website Used To Hack Home Routers

What if we told you that a compromised website has the ability to hack your home router? Yesterday we were notified that a popular newspaper in Brazil (politica.estadao.com.br) was hacked and loading several iFrames. These iFrames were trying to

Security Advisory – VirtueMart Extension for Joomla!

Advisory for: VirtueMart for Joomla!
Security Risk: High
Exploitation level: Easy/Remote
Vulnerability: Access control bypass / Increase of Privilege
Updated Version: 2.6.10c
Patched Version: 2.6.8c

If you’re using the popular V

Microsoft IIS Web Server – CMD Process Contributing to Website Reinfections

We often spend a lot of time talking about application level malware, but from time to time we do like to dabble in the ever so interesting web server infections as well. It is one of those things that comes with the job. Today, we're going to chat

Anatomy of 2,000 Compromised Web Servers used in DDoS Attack

This post is available in Spanish (Este post está disponible en español). One of our clients was being attacked by a layer-7 DDoS attack for more than a week. The attack was generating around 5,000 HTTP requests per second, which took his site a

Slider Revolution Plugin Critical Vulnerability Being Exploited

This post is available in Spanish (Este post está disponible en español). Mika Epstein, Ipstenu, of Dreamhost, notified us today of a serious vulnerability in the WordPress Slider Revolution Premium plugin which was patched silently. It t