Redirect to Microsoft Word Macro Virus
Denis Sinegubko These days we rarely see Microsoft Word malware on websites, but it still exists and compromised websites can distribute this kind of malware as well. It’s…
vBulletin Still Redirecting to Myfilestore.com
Fernando Barbosa MyFileStore[.]com redirects from vBulletin sites have been a problem since 2011. It is associated with the VBSEO plugin with multiple unpatched vulnerabilities that has been…
Magento Malware Emails Stolen Credit Card Details to Hackers
Cesar Anjos We regularly find malware that tries to steal client credit card details from Magento sites. Hackers use a few tricks and slightly modify their code…
Brute Force Amplification Attacks Against WordPress XMLRPC
Daniel Cid Brute force attacks are one of the oldest and most common types of attacks that we still see on the Internet today. If you have…
Phishing for Anonymous Alligators
Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers…
Malware in comments
There are many tricks to hide malicious code. One of them is placing it to the part of legitimate files where people don’t normally expect…
Security Advisory: Stored XSS in Jetpack
Marc-Alexandre Montpas During a routine audit for our WAF, we discovered a critical stored XSS affecting the Jetpack WordPress plugin, one of the most popular plugins in…
FormCraft v1.4.6 under attack
As we clean many sites infected by the VisitorTracker malware, we see vulnerabilities in multiple plugins being exploited by attackers. For example, my colleagues John…
WordPress Malware – VisitorTracker Campaign Update
For the last 3 weeks we have been tracking a malware campaign that has been compromising thousands of WordPress sites with the VisitorTracker malware code.…
Analyzing Black Hat URL Shorteners
Hackers are known to use URL shortening services to obfuscate their real landing pages. It’s very effective in clickbait scams on social networks. Some hackers…
Minimalistic WordPress injection
WordPress-specific malware is slightly different than generic PHP malware. Inside WordPress files, it can use WordPress API and WordPress database. This allows to create this…