Security Advisory – Vulnerabilities in Pagelines/Platform theme for WordPress


Advisory for: Pagelines and Platform Themes Security Risk: Very High Exploitation level: Easy/Remote DREAD Score: 9/10 Vulnerability: Privilege Escalation / Remote Code Execution Patched Version: Pagelines: WP Repo 1.4.6, Pagelines Server 2.4.6
Read More

AdSense Abused with Malvertising Campaign

Blocked adwynne banners

Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them mentioned the lemode-mgz .com site. In all cases, the symptoms were the same. Some users ran
Read More

vBSEO’s Vulnerability Leads to Remote Code Execution


We were notified last week that the vBulletin team sent an email to all their clients about a potential security vulnerability in vBSEO. After further investigation, we confirm that this is a very critical issue as it could allow an attacker to
Read More

Serious Vulnerability in VBSEO

The vBulletin team sent an email yesterday to all their clients about a potential security vulnerability on VBSEO. VBSEO is widely used SEO module for vBulletin that was discontinued last year. This makes the problem worse, no patches will be
Read More

Websites Compromised with CloudFrond Injection

Sucuri - CloudFrond Jumpled Payload

If you haven't already noticed, we spent a good deal of time scraping the bottom of the interweb barrel. It's dirty work, but someone has to do it. I'm not going to lie though, to us it's fascinating digging up little nuggets daily, understanding how
Read More

Website Backdoors Leverage the Pastebin Service

Decoded backdoor that uses pastebin

We continue our series of posts about hacker attacks that exploit a vulnerability in older versions of the popular RevSlider plugin. In this post we’ll show you a different backdoor variant that abuses the legitimate service for hosting m
Read More

2014 Website Defacements


Defacements are the most visual and obvious hack that a website can suffer from. They also come parcelled with their own exquisite sense of dread. Nothing gives that gut-wrenching feeling of "I've been hacked" more than seeing this: Most
Read More

WP Symposium – Zero Day Vulnerability Dangers


Our friends at SpiderLabs released a blog post today talking about the latest WP Symposium file upload vulnerability, and the attacks they have been seeing in the wild. This specific vulnerability was disclosed publicly Dec 11th, and attacks
Read More

Analyzing The WordPress SoakSoak Favicon Backdoor

The securi-fix.php code

This post is a dissection of one of a few backdoor variations hackers are uploading via the RevSlider security hole. We also provide webmasters a complete mitigation plan. In the previous post we described how hackers upload a ZIP file which
Read More

New Malware Campaign – WPcache-Blogger – Affects Thousands more WordPress Websites via RevSlider

If SoakSoak wasn't enough, we are starting to see a new malware campaign leveraging the RevSlider vulnerability and compromising thousands of WordPress sites in the last few days. Unlike SoakSoak, it's comprised of 3 distinct malframes - creating
Read More