What is Virtual Patching: A Guide to Preventing Vulnerabilities
John Booker All software has bugs — but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. Zero-day vulnerabilities can be…
Browsing Category
Website Malware Infections
837 posts
Magento Supply Chain Attack Targets Extension Developer FishPig
Ben Martin Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a…
Gambling Spam in Visual Composer Raw HTML Element: [vc_raw_html]
Denis Sinegubko Bad actors often look for clever ways to boost the rankings and visibility of their spam pages in search. One of the many black hat…
How to Find & Remove Malware in Favicon (.ico) Files
Rianna MacLeod When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may…
How to Remove 404 Errors in Search Console
Cesar Anjos Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content. But did you…
Examining Less-Common WordPress Credit Card Skimmers
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated…
Fake DDoS Pages On WordPress Sites Lead to Malicious Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
DHL Phishing Page Uses Telegram Bot for Exfiltration
Krasimir Konov One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can…
Cryptominers & WebAssembly in Website Malware
WebAssembly (also referred to as Wasm) is a binary instruction format that runs in the browser to enable high-performance applications on web pages and can…
PrestaShop Skimmer Concealed in One Page Checkout Module
Matt Morrow PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While…