Website Security News
Learn about the latest malware campaigns actively infecting websites, including malware removal and protection steps. Stay up to date with the latest infections against websites including CMS platforms like WordPress, Drupal, Magento, and Joomla. Read our posts about the most recent website hacks analyzed by our research and incident response teams.
Phishing is a serious threat to any industry. We have seen this topic appear in the news more each day. You might have already received a fraudulent email from what seemed to be your bank or even seen the hacking that took place during the 2016…
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers…
Read More about A Scam-Free Cyber Monday for Online Businesses
Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found and removed. Website Backdoors A…
We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked to the same vulnerable software:…
Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a peculiar JavaScript injection…
In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part of a good website posture….
Read More about How to Improve Your Website Security Posture – Part II
Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior in order to understand how…
Since July, we’ve been observing a massive WordPress infection that is responsible for unwanted redirects to scam and ad sites. This infection involves the tiny.cc URL shortener, a fake plugin…
Read More about Fake Plugins with Popuplink.js Redirect to Scam Sites
Have you ever wondered if your website security posture is adequate enough? The risk of having a website compromise is never going to be zero. However, as a webmaster, you…
Read More about How to Improve Your Website Security Posture – Part I
Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU…
Read More about Cookie Consent Script Used to Distribute Malware
Recently, we came across another way to use files from GitHub repositories in malware infections. This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com/<user>/<repository>/raw/ URLs. The new trick involved…
Read More about RawGit CDN is Abused by CryptoLoot Cryptominers
