Website Security News
Learn about the latest malware campaigns actively infecting websites, including malware removal and protection steps. Stay up to date with the latest infections against websites including CMS platforms like WordPress, Drupal, Magento, and Joomla. Read our posts about the most recent website hacks analyzed by our research and incident response teams.
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware. Our security analyst Christopher Morrow recently found an injection on a lesser known open source ecommerce platform named…
As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides valuable lessons for the future….
How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about, some older ones that I…
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days, the majority of popular content…
Read More about 5 Year Anniversary of the SoakSoak Malware Tsunami
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to spread dangerous malware like Emotet…
Read More about How Websites Are Used to Spread Emotet Malware
Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal of the attackers. In the…
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November…
Read More about Black Friday/Cyber Monday Ecommerce Security Threats
While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer of complexity to the process…
Read More about Malicious Android Application Used in Phishing Scam
A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws. While a WAF helps protect…
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple…
Read More about Vulnerable Versions of Adminer as a Universal Infection Vector
We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy” landing pages selling counterfeit men’s…
