Browser/OS Statistics From Half Billion Blocked Attacks
Daniel Cid The need to make better sense of markets is paramount to the way businesses are run and decisions are made. We see this with the…
Spotlight: How iThemes Manages Their Website Security
Alycia Mitchell iThemes was one of the first premium theme shops for WordPress. Over the years their focus has expanded to include premium WordPress plugins that help…
Malicious ShopSearcher Script
Denis Sinegubko We see a strong trend in hacking ecommerce sites in order to hijack payment process and steal customers credit card details. During the last couple…
Phishing Attacks Target Ecommerce Checkout Pages
Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where…
Magento One Page checkout being injected by Malicious Redirects
Bruno Zanelato The checkout process is one of the most important steps for any e-commerce business. The user experience during this process will set the tone for…
New Realstatistics Attack Vector Compromising Joomla Sites
Caleb Lane Nov 2016 Update: If your Joomla site has been hacked, you can follow our guide to fixing it. Read the Guide! Over the past few…
PCI for SMB – Requirement 2- Do Not Use Defaults
Update: Read our new PCI Compliance guide. If you have an ecommerce website and you accept credit cards from your clients, you probably already heard…
Out-of-Site Drupal Malware
Cesar Anjos We recently wrote about a Drupal black-hat SEO hack that among other things redirected users coming from Google to botscache[.]com site. It hijacked the bootstrapping…
Realstatistics Malware Campaign Uses Fake Analytics Sites
In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks like…
Realstatistics Malware Campaign Leads To Ransomware
Our Incident Response Team (IRT) has been tracking a mass infection campaign over the last two weeks ( codenamed “Realstatistics“). This campaign has compromised thousands of websites built…
Straightforward Backdoor Installer
Malware uses encryption, obfuscation and other tricks to prevent its detection so that the compromised sites stay infected for as long as possible. Quite often…