.htaccess Tricks in Global.asa Files
Denis Sinegubko As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual paths…
Yet another spam mailer
Krasimir Konov Here is a mailer script we recently found that appears to be designed to send spam emails. These kind of scripts are pretty common, there…
WordPress Malware – Active VisitorTracker Campaign
Daniel Cid We are seeing a large number of WordPress sites compromised with the “visitorTracker_isMob” malware code. This campaign started 15 days ago, but only in the…
Analyzing Proxy Based Spam Networks
Tony Perez We are no strangers to Blackhat SEO techniques, we’ve actually spent a great deal of time working and sharing various bits of information related to…
WordPress Brute Force Attacks – 2015 Threat Landscape
One of the first server-level compromises I had to deal with in my life was around 15 years ago, and it was caused by an…
Magento script stealing credit card details
We recently found another malicious script used to steal credit cards that appears to be injected into compromised websites running Magento, it appears to be…
Ask Sucuri: How to Create Website Backups?
Ben Martin Recently I had the good fortune of being able to present at Wordcamp Vancouver 2015. My presentation was titled ‘Why Security Matters‘ and I mentioned…
Malicious Google Search Console Verifications
This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search…
Hacked Sites Help Hack Third-Party Sites
Just a reminder that your hacked site may be used to anonymously hack third-party sites. This Joomla com_Myblog exploit script was found on one hacked…
visitorTracker spam-seo injector wave corrupts sites
Peter Gramantik Recently, we\’re seeing an increasing visitorTracker malware wave. Moreover, there are lot of corrupted infections out there, breaking the infected sites. Right now, the malicious…
Analyzing Popular Layer 7 Application DDoS Attacks
Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a while. All types of sites, from small to big,…