Obfuscated Links in the Captcha on Login WordPress Plugin
Bruno Zanelato Do you remember SweetCAPTCHA that tried to monetize its WordPress plugin injecting unwanted ads into web pages? Today we’ve found another CAPTCHA plugin with a…
IP Obfuscation Using Dots ………
Denis Sinegubko Recently I analyzed a porn doorway script and found an interesting way to obfuscate an IP address there. $adr1 = “………………………………………………………………………………………………………………………………………………………..”; $adr2 = “………………………………………………………………………………………………………………………………………………………………………………………………………………..”; $adr3…
404 Errors in Search Console – SEO Spam
Cesar Anjos Every once in a while we get a glimpse into rare and strange behavior that doesn’t involve the website being hacked, but causes major problems…
New Wave of g00 Script Injections
Once active during the past summer, the g00[.]co script injections come with a new wave on infections this November. The most common variation is <script…
Distributed Vulnerability Search – Told via Access Logs
Sometimes just a few lines of access logs can tell a whole story… Many ongoing attacks against WordPress and Joomla sites use a collection of…
Helpscout Blacklisted by Norton
Rodrigo Escobar Early this morning we got complaints from our clients mentioning that Norton was flagging Helpscout, a Help Desk System. Some of the pages were triggering…
jQuery.min.php Malware Affects Thousands of Websites
Nov 2016 Update: If your Joomla or WordPress website is infected, check out our new, free, DIY guides to clean your site and prevent reinfection.…
vBulletin Exploits in the Wild
Daniel Cid **Update: CheckPoint disclosed more details here: Check Point Discovers Critical vBulletin 0-Day. The vBulletin team patched a serious object injection vulnerability yesterday, that can lead…
Return of the EXIF PHP Joomla Backdoor
Peter Gramantik Our Remediation and Research teams are in constant communication and collaboration. It’s how we stay ahead of the latest threats, but it also presents an…
Reversed Pastebin Injection in Magento DB
We worked on an infected Magento site that had unwanted pop-up ads when you visited it. The culprit was this injected script (spaces added intentionally)…
WPScan Intro: WordPress Vulnerability Scanner
Alycia Mitchell Have you ever wanted to run security tests on your WordPress website to see if it could be easily hacked? WPScan is a black box…