5 Year Anniversary of the SoakSoak Malware Tsunami
Denis Sinegubko This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…
Browsing Category
Website Malware Infections
854 posts
How Websites Are Used to Spread Emotet Malware
Luke Leal In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to…
Why Hackers Create Phishing Campaigns
Antony Garand Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal…
Plugins added to Malware Campaign: November 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins since January. Please check our previous updates below: Multi-Vector Attack in Server Logs:…
Black Friday/Cyber Monday Ecommerce Security Threats
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the…
Wrong content-type to XSS
WordPress Social Sharing Plugin – Sassy Social Share, which currently has over 100000 installations just fixed a Cross Site Scripting Vulnerability. This bug allows attackers…
Malicious Android Application Used in Phishing Scam
Krasimir Konov While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer…
Why Reinfections Happen with a WAF
A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws.…
Vulnerable Versions of Adminer as a Universal Infection Vector
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…
Plugins added to Malware Campaign: October 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Size for Opera: Hiding Spammy Links
There are many different tricks hackers use to make injected spam links invisible to regular visitors. Below is an example employed by one link spam…