What is the Gibberish Hack?
Justin Channell Discovering some random folder with numbers and letters you don’t remember on your website would make any website owner put on their detective cap. At…
Browsing Category
Website Security
1031 posts
What is a Website Defacement?
Website defacement is the most obvious sign of a hack. In these cases, bad actors who have gained access to an environment leave their mark…
Evasion Tactics in Hybrid Credit Card Skimmers
Denis Sinegubko The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to…
Labs Notes Monthly Recap – May/2020
Juliana Lewis In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that…
Malicious Curl Downloader
Krasimir Konov If you want to easily download and save remote files, curl is an excellent command-line tool for Windows and Unix. It supports HTTP, HTTPS, and…
Meet the Victims of Online Scams
Art Martori Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online…
Understanding & Stopping Malicious Redirects
Many website owners don’t know they’re infected with malicious redirects until they start getting calls from wary customers. Instead of the site they were expecting,…
Steam Phishing Campaign Uses CS:GO Skin Gambling Lure
Luke Leal Attackers regularly target online gaming accounts as they can quickly sell any transferable items along with account logins to a third party. This scenario has…
What is FTP? Why use it to clean hacked websites?
The File Transfer Protocol (FTP) is a network protocol used to transfer files between a client server and a network. In other words, it is…
B374k Web Shell Packer
PHP web shells are a type of backdoor which, when left on compromised websites, allow attackers to maintain unauthorized access after initial compromise. To further…
YouTube Account Recovery Phishing
Phishing attacks against targeted channels have been successful in the past, as explained last year on ZDNet. Recently, our Remediation team found an interesting phishing…