Mixed Content Warnings in Google Chrome
Peter Kankowski Migrating your website to HTTPS may seem like a simple task. Get the TLS/SSL certificate, install it on your web server, and you’re done. The…
Browsing Category
Website Security
1031 posts
Malicious Android Application Used in Phishing Scam
Krasimir Konov While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer…
Why Reinfections Happen with a WAF
Luke Leal A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws.…
Vulnerable Versions of Adminer as a Universal Infection Vector
Denis Sinegubko This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…
Size for Opera: Hiding Spammy Links
There are many different tricks hackers use to make injected spam links invisible to regular visitors. Below is an example employed by one link spam…
Pharma Spam Redirects to .su & .eu Sites
We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy”…
Halloween Tales of the IoT Crypt
Josh Hammer In the spirit of Halloween, we bring you some of the scariest internet of things (IoT) hacks that we have been made aware of. While…
Desperate scammers
In an ideal scenario, when a scam website is found by a blacklist authority, it’s flagged as malicious and eventually taken down by the domain…
Data URLs and HTML Entities in New WordPress Malware
Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types. Scripts as Data URLs The first…
Fake French Police Sextortion Scam
There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method…
Throwback Threat Thursday: JCE Vulnerability
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these…