We leverage OSSEC extensively to help monitor and protect our servers. If you are not familiar with OSSEC, it is an open source Intrusion Detection System…
We’ve seen lots of JavaScript tricks that hide injected spam from human visitors while making it look “visible” for search engines. The most popular approach…
Remember the wave of HTML files infection back in 2015 affecting outdated WordPress sites? Now it came back more powerful, with more files uploaded via…
You might know Google popular services: Google Ads, AdSense and DoubleClick. You might even know scripts and domains they use. For example, DoubleClick loads scripts…
Many black hat SEO campaigns use cloaking on hacked sites. Malicious scripts only inject spammy content when search engine crawlers request web pages on compromised…
When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if…
Some webmasters only check recently modified files when searching for malware. It may work sometimes, but many infections don’t change files’ time-stamps. There is the…