Website Security News
The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different ways they obfuscate their payloads to avoid traditional detection. During a recent investigation for an infected WordPress website, we discovered…
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side. X-Cart’s…
Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with…
Read More about Massive WordPress JavaScript Injection Campaign Redirects to Ads
Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New backdoors! Backdoors are a crucial component of a website…
Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish…
Read More about What Happens During a DDoS Attack and How to Know if You Are Under an Attack
During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page. We regularly receive reports like…
Read More about Manually Identifying an X-Cart Credit Card Skimmer
Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in past blog posts. Due to…
Read More about WooCommerce Credit Card Skimmers Concealed In Fake Images
DDoS attacks are a growing threat for websites. But do you know how to mitigate them in their tracks? We’ll cover some essential fundamentals on stopping a DDoS attack and…
Read More about How to Stop a DDoS Attack & Prevent Future DDoS Attacks
Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put together this analysis to help…
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client sites include injections, broken authentication,…
