Monetized JavaScript Redirect to Free Porn Webcams for Mobile Devices
Yuliyan Tsvetkov Attackers will do desperate and obvious things to boost the views of their ‘customers’. On a daily basis we find different malicious redirects (some are…
Browsing Category
Website Security
1031 posts
The Story of an Expired WHOIS Server
Salvador Aguilar We write quite often about SEO spam injections on compromised websites, but this is the first time we have seen this blackhat tactic spreading into…
Ghost from the Past
Denis Sinegubko Some sites may stay infected or not properly cleaned for years. Eventually, they come to us and we clean them. It doesn’t matter whether the…
When malware injection goes wrong
Ben Martin Today while scanning a client’s website, I found a failed attempt by attackers to hide the location of a backdoor. It is very common for…
Spam content injection
Samuel Odendaal During a recent incident response investigation, we detected an infected website loading spam content from another location. The malware was responsible for fetching the spam…
.user.ini SPAM SEO Redirect
John Castro Since PHP 5.3.0, PHP includes support for configuration INI files on a per-directory basis that has the same effect (depending on the case) that the…
Backdooring sites using exotic php functions
Throughout the last few months, we published multiple articles about simple but powerful backdoors and how attackers get creative. Virtually in all cases, the code…
Hiding malicious code from the user using white spaces
Over the years, attackers have used different techniques for hiding malicious files on websites. They obfuscated code, changed legit functions to execute malware, modified whole…
Checking blacklisted domains or IP for spamming
Luke Leal Often times we will encounter websites that have been injected with a redirect and these can vary from blackhat SEO tactics for boosting domain rankings…
Website Application Firewalls (WAF) – Practical Approach to Website Security
Tony Perez In 2016, I shared some thoughts about firewalls in general; their history and purpose in the information security domain. The point of the article was…
RealStatistics Goes TrafficAnalytics
Rodrigo Escobar In the last few months, our Incident Response Team detected an interesting malicious code that affected a high number of websites. This malware is a…