Plugins added to Malware Campaign: November 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins since January. Please check our previous updates below: Multi-Vector Attack in Server Logs:…
Browsing Category
Website Malware Infections
840 posts
Black Friday/Cyber Monday Ecommerce Security Threats
Luke Leal With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the…
Wrong content-type to XSS
WordPress Social Sharing Plugin – Sassy Social Share, which currently has over 100000 installations just fixed a Cross Site Scripting Vulnerability. This bug allows attackers…
Malicious Android Application Used in Phishing Scam
Krasimir Konov While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer…
Why Reinfections Happen with a WAF
A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws.…
Vulnerable Versions of Adminer as a Universal Infection Vector
Denis Sinegubko This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…
Plugins added to Malware Campaign: October 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Size for Opera: Hiding Spammy Links
There are many different tricks hackers use to make injected spam links invisible to regular visitors. Below is an example employed by one link spam…
Pharma Spam Redirects to .su & .eu Sites
We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy”…
Desperate scammers
In an ideal scenario, when a scam website is found by a blacklist authority, it’s flagged as malicious and eventually taken down by the domain…
Fake French Police Sextortion Scam
There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method…