Ben Martin

100 posts

Ben Martin is a security analyst and researcher who joined the company in 2013. Ben's main responsibilities include finding new undetected malware, identifying trends in the website security world, and, of course, cleaning websites. His professional experience covers more than a decade of working with infected websites of every variety with a special focus on eCommerce / credit card theft malware. When Ben isn't slaying malware you might find him producing music, gardening, or skateboarding around Victoria.

Compromised OpenCart Payment Module Steals Credit Card Information

Ben Martin
August 28, 2023

Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…

Read the Post

Critical Security Update for Magento Open Source & Adobe Commerce

Ben Martin
August 16, 2023

Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes…

Read the Post

Abandoned US Congressional Website Used in Asian Gambling Spam Infection

Ben Martin
July 26, 2023

Website owners and developers tend to buy a lot of domains. With different projects on the go and working with multiple different clients at any…

Read the Post

How to Harden WordPress: A Basic Overview

Ben Martin
July 12, 2023

Out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress is no exception. Best practices suggest you…

Read the Post

New Guide on Secure VPS Configuration

Ben Martin
July 4, 2023

One of the most common problems that we observe among many of our clients is the persistent threat of cross contamination – that is, malware…

Read the Post

Remote Code Execution Backdoor Uses Unicode Obfuscation and Non-Standard File Extensions

Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions

Ben Martin
June 22, 2023

Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…

Read the Post

Vulnerability in Essential Addons for Elementor Leads to Mass Infection

Ben Martin
May 18, 2023

On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…

Read the Post

Websites Defaced with Belarusian Bottled Water Company Content

Ben Martin
May 16, 2023

It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…

Read the Post

Massive Abuse of EvalPHP WordPress Plugin

Massive Abuse of Abandoned Eval PHP WordPress Plugin

Ben Martin
April 19, 2023

Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…

Read the Post

Limit Login Attempts Vulnerability – Patch Now!

Ben Martin
April 12, 2023

On April 11th, 2023, a software update was released to patch a severe vulnerability within the Limit Login Attempts WordPress security plugin. With over 600,000…

Read the Post

Elementor Pro WordPress Plugin Vulnerability

High Severity Vulnerability in WordPress Elementor Pro Patched

Ben Martin
March 31, 2023

On March 22nd, 2023 a security patch was issued for the popular website builder plugin Elementor Pro. Website administrators using this plugin should immediately patch…

Read the Post