New Malware Variants Serve Bogus CloudFlare DDoS Captcha
Ben Martin When attackers shift up their campaigns, change their payload or exfiltration domains, and put some extra effort into hiding their malware it’s usually a telltale…
Magento Supply Chain Attack Targets Extension Developer FishPig
Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a…
Examining Less-Common WordPress Credit Card Skimmers
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated…
Fake DDoS Pages On WordPress Sites Lead to Malicious Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks…
WooCommerce Credit Card Skimmer Uses Telegram Bot to Exfiltrate Stolen Data
Our story starts like many others told on this blog: A new client came to us with reported cases of credit card theft on their…
Smilodon Credit Card Skimming Malware Shifts to WordPress
WordPress’ massive market share has come with an unsurprising side effect: As more and more site admins turn to popular plugins like WooCommerce to turn…
Top Ten Most Cumbersome Website Infections to Remove in 2021
In today’s post we’re going to be going over the top ten most cumbersome website infections to remove, based on the sheer number of files…
Examining Emerging Malware: Website Backdoors
Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…
Hacked Website Threat Report 2021
Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put…
The Case for 2FA by Default for WordPress
Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered…
WordPress Overtakes Magento in Credit Card Skimmers
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for…