How to Improve Your Website Security Posture – Part I
AJ Syed Ali Have you ever wondered if your website security posture is adequate enough? The risk of having a website compromise is never going to be zero.…
Browsing Category
Website Malware Infections
838 posts
Fake Cloudflare Injection
Fioravante Souza Seeing malicious campaigns using domain names that resemble big market players is not news anymore. This time I\’ll talk about the new redirects of cloudflare.pw.****…
Cookie Consent Script Used to Distribute Malware
Krasimir Konov Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to…
Obfuscated JavaScript Crypto Miner
Samuel Odendaal During an incident response investigation, we detected an interesting piece of heavily obfuscated JavaScript malware. Once decoded, Crypto Miners were ran on customers visiting the…
RawGit CDN is Abused by CryptoLoot Cryptominers
Denis Sinegubko Recently, we came across another way to use files from GitHub repositories in malware infections. This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com/<user>/<repository>/raw/…
How Some OTP Systems Can Be Used to Prank Spam
Luke Leal I recently came across an interesting index.php file and its corresponding directory on a compromised website. I loaded it in a testing environment and immediately…
Using Innocent roles to hide admin users
Cesar Anjos All across the internet we find guides and tutorials on how to keep your WordPress site secure, and they all approach the concept of user…
Persistent Malicious Redirect Variants
Peter Gramantik It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to…
Ask Sucuri: How Do You Find Website Backdoors?
Juliana Lewis In a previous post, we have explained what website backdoors are and what they look like. Today, we want to focus on ways that we…
CoinImp Cryptominer and Fully Qualified Domain Names
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www”…
Google and Facebook Used in Phishing Campaigns
We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types…