Unwanted Software and Harmful Programs

Unwanted Software Google Blacklist

We frequently clean blacklisted websites and submit reconsideration requests to have them de-listed. We have encountered many kinds of blacklist warnings including search engines, anti-virus programs, firewalls and and e-mail spam.

Recently I came across an interesting case where Google was flagging a website due to unwanted software. Via our response platform we were able to get to the bottom of the issue, removing the unwanted malware from the website. In the process we learned a few things and wanted to share them with you as well.
Read More

Spam Campaign Causes “DDoS” by Googlebot


Every once in a while we get a glimpse into rare and strange behavior that doesn't involve the website being hacked, but causes major problems for website owners. We have spoken recently about malicious referral spam in Google Analytics and Google
Read More

Distributed Vulnerability Search – Told via Access Logs


Sometimes just a few lines of access logs can tell a whole story... Many ongoing attacks against WordPress and Joomla sites use a collection of known vulnerabilities in many different plugins, themes and components. This helps hackers maximize the
Read More

jQuery.min.php Malware Affects Thousands of Websites


Fake jQuery injections have been popular among hackers since jQuery itself went mainstream and became one of the most widely adopted JavaScript libraries. Every now and then we write about such attacks. Almost every week we see new fake jQuery
Read More

vBulletin Exploits in the Wild


**Update: CheckPoint disclosed more details here: Check Point Discovers Critical vBulletin 0-Day. The vBulletin team patched a serious object injection vulnerability yesterday, that can lead to full command execution on any site running on an
Read More

Return of the EXIF PHP Joomla Backdoor


Our Remediation and Research teams are in constant communication and collaboration. It’s how we stay ahead of the latest threats, but it also presents an opportunity to identify interesting threats that aren’t new but may be reoccuring. Such as tod
Read More

WPScan Intro: WordPress Vulnerability Scanner


Have you ever wanted to run security tests on your WordPress website to see if it could be easily hacked? WPScan is a black box vulnerability scanner for WordPress sponsored by Sucuri and maintained by the WPScan Team, available free for Linux and
Read More

Joomla SQL Injection Attacks in the Wild


Last week, the Joomla team released an update to patch a serious vulnerability on Joomla 3.x. This vulnerability is an SQL injection (CVE-2015-7858) that allows for an attacker to take over a vulnerable site with ease. We predicted that the attacks
Read More

Joomla 3.4.5 Released, Fixing a Serious SQL Injection Vulnerability


The Joomla team just released a new Joomla version (3.4.5) to fix some serious security vulnerabilities. The most critical one is a remote and unauthenticated SQL injection on the com_contenthistory module (included by default) that allows for a full
Read More

Massive Magento Guruincsite Infection


We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from "guruincsite[.]com". Google already blacklisted about seven thousand sites because of this malware. There are two mo
Read More