Fake jQuery Scripts in Nulled WordPress Plugins

fake-jquery-scripts

We recently investigated some random redirects on a WordPress website that would only happen to certain visitors. Traffic analysis showed us that it was not a server-side redirect, rather it happened due to some script loaded by the web pages.

A quick look through the HTML code revealed this script:

Fake jQuery script injection

Fake jQuery script injection

It was very suspicious for a few reasons:
Read More

Website Security: How Do Websites Get Hacked?

How-Websites-Get-Hacked

In 2014 the total number of websites on the internet reached 1 billion, today it's hovering somewhere in the neighborhood of 944 million due to websites going inactive and it is expected to normalize again at 1 billion sometime in 2015. Let's take a
Read More

How Social Media Blacklisting Happens

Social Media Blacklists

In today's world, we are all browsing websites online and sharing content on a multitude of social media platforms every day. Worldwide social media users exceeded 2 billion back in August 2014, with an adoption rate unlike anything we have seen in
Read More

JetPack and TwentyFifteen Vulnerable to DOM-based XSS

Any WordPress Plugin or theme that leverages the genericons package is vulnerable to a DOM-based Cross-Site Scripting (XSS) vulnerability due to an insecure file included with genericons. So far, the JetPack plugin (reported to have over 1 million
Read More

Hacked Websites Redirect to Bitcoin

bitcoin

Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is Bitcoin using black hat SEO? Is their site malicious? As you can see, the hacked we
Read More

My Website Was Blacklisted By Google and Distributing Email Spam

Image by Benson Kua licensed under Creative Commons

Being blacklisted is one of the worst things that can happen to a website. The public shame coming from every visitor being stopped by the Big Red Warning page can literally destroy any online business, I am speaking from personal experience before
Read More

Critical Persistent XSS 0day in WordPress

*Update 2015-04-27*: A patch has been released and made available by the WordPress Core Team in version 4.2.1 - Please update immediately. Yes, you've read it right: a critical, unpatched zero-day vulnerability affecting WordPress' comment
Read More

Magento Shoplift (SUPEE-5344) Exploits in the Wild

As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it can be exploited to take over a vulnerable Magento site. They have prepared the following
Read More

Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within
Read More

Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!

magento-security

The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It's been more than two months since the release and still more than 50% of all the Magento installations
Read More