Manipulating WordPress Plugin Functions to Inject Malware
Keir Desailly Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t…
Browsing Category
Website Malware Infections
865 posts
Malvertising Payload Targets Home Routers
Fioravante Souza A few weeks ago we wrote about compromised websites being used to attack your web routers at home by changing DNS settings. In that scenario…
Drupal SQL Injection Attempts in the Wild
Daniel Cid Update (2014/10/29): The Drupal team just released a Public Service Announcement, confirming what we are seeing (mass compromise of Drupal sites). We’ve released a new…
Highly Critical SQL Injection Vulnerability Patched in Drupal Core
The Drupal team just released a security update for Drupal 7.x to address a highly critical SQL injection vulnerability. This bug can be exploited remotely…
WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability
The popular Mailpoet(wysija-newsletters) WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to vulnerable sites. This…
Website Attacks – SQL Injection And The Threat They Present
We are starting a new series of articles where we will talk about different active website attacks we are seeing. The first one we will…
Phishing with Help from Compromised WordPress Sites
We get thousands of spam and phishing emails daily. We use good spam filters (along with Gmail) and that greatly reduces the noise in our…
Website Security: A Case of SEO Poisoning
Fernando Barbosa There are so many ways your website can be co-opted by hackers for many different reasons, targeting the value created via your SEO is highly…
Bash – ShellShocker – Attacks Increase in the Wild – Day 1
The Bash ShellShocker vulnerability was first disclosed to the public yesterday. Just a few hours after the initial release, we started to see a few…
Bash Vulnerability – Shell Shock – Thousands of cPanel Sites are High Risk
The team behind the Bash project (the most common shell used on Linux) recently issued a patch for a serious vulnerability that could allow for…
Website Malware – Curious .htaccess Conditional Redirect Case
I really enjoy when I see different types of conditional redirects on compromised sites. They are really hard to detect and always lead to interesting…