Website Security News
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page. This irritating pop-up didn’t come from malware placed in the website’s files or database, but rather from a…
Read More about How Domain Expiration Can Potentially Disrupt Other Websites
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a…
Hardening is the process of securing a website or system against known security weaknesses or potential issues to reduce the attack surface. The more functions or features a website has,…
We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that the site had been infected…
Read More about Fake Google Domains Used in Evasive Magento Skimmer
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always…
Read More about Reset Email Account Passwords after Website Infection: Follow Up
The final actor of the stolen payment data supply chain is the end user. Rather than just selling or reselling payment data, the end user plans on fraudulently monetizing it….
Read More about Stolen Payment Data: Infected Ecommerce Website to Darknet Markets
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow…
Across various social media platforms there are verification checkmark symbols that appear near the name of the account’s page we view. For example, this verified account indicator seen from our…
Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when…
In the past, we’ve mentioned how the PHP XOR bitwise operator (represented by the caret ^) can be used to encrypt a malware’s source code. This operator makes it more…
Read More about PHP Backdoor Evaluates XOR Encrypted Requests
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…
Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress
