Analysis of the Massive NDSW / NDSX Malware Campaign
Denis Sinegubko Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive…
Browsing Category
Security Education
681 posts
WordPress Vulnerabilities & Patch Round-up — May 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Top Ten Most Cumbersome Website Infections to Remove in 2021
Ben Martin In today’s post we’re going to be going over the top ten most cumbersome website infections to remove, based on the sheer number of files…
Analyzing a WooCommerce Credit Card Skimmer
Liam Smith The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different…
X-Cart Skimmer with DOM-based Obfuscation
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located…
Examining Emerging Malware: Website Backdoors
Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…
Manually Identifying an X-Cart Credit Card Skimmer
During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page.…
Hacked Website Threat Report 2021
Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put…
WordPress Vulnerabilities & Patch Roundup — April 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Keeping Up With PHP Updates
Ashley Sand Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client…
Poodle and Doodle, FUD and the Sucuri WAF
Marc Kranat On any given day, Sucuri sees thousands of clients go through the PCI compliance process. The requirements outlined by the Payment Card Industry Data Security…