Magento Skimmer Found Loading from magecart[.]net
Luke Leal We recently came across a simple Magento credit card skimmer found on a compromised website that was loading from the malicious domain magecart[.]net. The malicious…
Browsing Category
Website Malware Infections
858 posts
Clean Logs After Rooting Bash Script
During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…
WordPress Mass Password Changer
Our team recently came across a password changer for WordPress that allows attackers to modify WordPress user passwords within a compromised environment. By default, the…
Top 10 Sucuri Research Articles in 2019
Justin Channell As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides…
What is Cross-Site Contamination?
Juliana Lewis How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about,…
5 Year Anniversary of the SoakSoak Malware Tsunami
Denis Sinegubko This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…
How Websites Are Used to Spread Emotet Malware
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to…
Why Hackers Create Phishing Campaigns
Antony Garand Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal…
Plugins added to Malware Campaign: November 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins since January. Please check our previous updates below: Multi-Vector Attack in Server Logs:…
Black Friday/Cyber Monday Ecommerce Security Threats
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the…
Wrong content-type to XSS
WordPress Social Sharing Plugin – Sassy Social Share, which currently has over 100000 installations just fixed a Cross Site Scripting Vulnerability. This bug allows attackers…