Website Security News
Learn about the latest malware campaigns actively infecting websites, including malware removal and protection steps. Stay up to date with the latest infections against websites including CMS platforms like WordPress, Drupal, Magento, and Joomla. Read our posts about the most recent website hacks analyzed by our research and incident response teams.
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else. Cyber attacks will: modify files, retrieve information, insert commands or scripts, change the way your website…
Read More about What Hackers Do after Gaining Access to a Website
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a…
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always…
Read More about Reset Email Account Passwords after Website Infection: Follow Up
During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files,…
Most of the time when we talk about spam, we think about mindless machines that create posts or comments to advertise a business related to drugs, accessories, or essays. But…
The WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability on versions prior to 12.6.7. This vulnerability can only be…
Website security is what we eat, sleep, and breathe. It’s what we do best because we deal with hacked websites every single day, thousands of them. Among the various types…
Read More about Why is Your Website a Target? The SEO Value of a Website
Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when…
It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if…
Read More about Lightbox Adware – From Innocent Scripts to Malicious Redirects
The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in the private messaging and post…
This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world — even if their site is…
Read More about Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites
