Website Security News
Learn about the latest website security news from our research and incident response teams. Find out about emerging website malware campaigns and the best steps to protect your site from hackers. To learn more check out the series of website security guides created by our team.
Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen over two thousand new infected sites since we…
Read More about Malicious JavaScript Used in WP Site/Home URL Redirects
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware. Our security analyst…
An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to manage multiple websites from one…
Read More about Authentication Bypass Vulnerability in InfiniteWP Client <= 1.9.4.4
As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides valuable lessons for the future….
How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about, some older ones that I…
Two-factor authentication (2FA) brings an extra layer of security that passwords alone can’t provide. Requiring an extra step for a user to prove their identity reduces the chance of a…
One of the biggest malicious trends in the last few months and years are credit card stealers — also commonly referred to as credit card skimmers or cc stealers. In…
Read More about The Anatomy of Website Malware Part 2: Credit Card Stealers
How many passwords do you use in a given day? Everything on the internet requires a password. It can be tough to keep track of them all and keep coming…
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days, the majority of popular content…
Read More about 5 Year Anniversary of the SoakSoak Malware Tsunami
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to spread dangerous malware like Emotet…
Read More about How Websites Are Used to Spread Emotet Malware
Website malware is no joke. Our own research shows that with WordPress, by far today’s most common content management system (CMS), new infections are on the rise. Even with security…
Read More about 5 Malware & Virus Scanning Tools You Need to Check Out
