Website Malware: Unwanted Exit to YourBrexit
Denis Sinegubko Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually…
Browsing Category
WordPress Security
666 posts
WordPress Security – Unwanted Redirects via Infected JavaScript Files
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into…
Malicious Subdirectories Strike Again
Fernando Barbosa In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites.…
Attackers Silently add new user with Administrator role to WordPress sites
Yuliyan Tsvetkov Attackers tend to get smarter in order to avoid detection, as well as gain access to your WordPress site. They use legit functions of the…
SEO Spam Campaign Exploiting WordPress REST API Vulnerability
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there…
Stored XSS in WordPress Core
Marc-Alexandre Montpas As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only…
SQL Injection Vulnerability in NextGEN Gallery for WordPress
Slavco Mihajloski As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While…
WordPress Security – Fake TrafficAnalytics Website Infection
Rodrigo Escobar Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for…
RCE Attempts Against the Latest WordPress REST API Vulnerability
Daniel Cid We are starting to see remote command execution (RCE) attempts trying to exploit the latest WordPress REST API Vulnerability. These RCE attempts started today after…
JavaScript Injections Leads to Tech Support Scam
Krasimir Konov During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing…
WordPress REST API Vulnerability Abused in Defacement Campaigns
WordPress 4.7.2 was released two weeks ago, including a fix for a severe vulnerability in the WordPress REST API. We have been monitoring our WAF…