Ben Martin

80 posts

Ben Martin is a security analyst and researcher who joined the company in 2013. Ben's main responsibilities include finding new undetected malware, identifying trends in the website security world, and, of course, cleaning websites. His professional experience covers more than eight years of working with infected websites, writing blog posts, and taking escalated tickets. When Ben isn't slaying malware, you might find him editing audio, producing music, playing video games, or cuddling with his cat. Connect with him on Twitter

Optimizing WordPress: Security Beyond Default Configurations

Ben Martin
October 3, 2023

Default configurations in software are not always the most secure. For example, you might buy a network-attached home security camera from your friendly neighborhood electronics…

Magecart stealing credit card information with a single white invisible pixel

Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images

Ben Martin
September 12, 2023

MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…

Compromised OpenCart Payment Module Steals Credit Card Information

Ben Martin
August 28, 2023

Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…

Critical Security Update for Magento Open Source & Adobe Commerce

Ben Martin
August 16, 2023

Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes…

Abandoned US Congressional Website Used in Asian Gambling Spam Infection

Ben Martin
July 26, 2023

Website owners and developers tend to buy a lot of domains. With different projects on the go and working with multiple different clients at any…

How to Harden WordPress: A Basic Overview

Ben Martin
July 12, 2023

Out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress is no exception. Best practices suggest you…

New Guide on Secure VPS Configuration

Ben Martin
July 4, 2023

One of the most common problems that we observe among many of our clients is the persistent threat of cross contamination – that is, malware…

Remote Code Execution Backdoor Uses Unicode Obfuscation and Non-Standard File Extensions

Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions

Ben Martin
June 22, 2023

Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…

Vulnerability in Essential Addons for Elementor Leads to Mass Infection

Ben Martin
May 18, 2023

On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…

Websites Defaced with Belarusian Bottled Water Company Content

Ben Martin
May 16, 2023

It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…

Massive Abuse of EvalPHP WordPress Plugin

Massive Abuse of Abandoned Eval PHP WordPress Plugin

Ben Martin
April 19, 2023

Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…