How to Recognize & Avoid Phishing Emails: A Cautionary Tale
Matt Morrow We’ve all received spam and phishing emails — our inboxes are often full of them. They let us know that our package is being delivered…
Massive Google Colaboratory Abuse: Gambling and Subscription Scam
Denis Sinegubko This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible…
Malicious Injection Redirects Traffic via Parked Domain
Puja Srivastava During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The…
How to Harden WordPress: A Basic Overview
Ben Martin Out-of-the-box security configurations tend to not be very secure. This is usually true for all software and WordPress is no exception. Best practices suggest you…
What is php.ini? Where It’s Located, How to Edit & Common Directives
Rianna MacLeod The php.ini file, a critical configuration file containing your web server’s PHP settings, is integral to the functioning of your website. Each time PHP initiates,…
New Guide on Secure VPS Configuration
One of the most common problems that we observe among many of our clients is the persistent threat of cross contamination – that is, malware…
How to Harden WordPress With WP-Config & Avoid Data Exposure
Luke Leal What is wp-config.php? The wp-config.php file is a powerful core WordPress file that is vital for running your website. It contains important configuration settings for…
Spamdexing: What is SEO Spam & How to Remove It
Ever had an uninvited guest crash your party, resulting in chaos, confusion, and some unhappy visitors? Well, SEO spam is that party crasher — just…
WordPress Vulnerability & Patch Roundup June 2023
Cesar Anjos Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
New WooCommerce Security Best Practices Guide
WooCommerce is a widely used e-commerce platform, powering nearly 6 million online stores worldwide. Its popularity makes it a prime target for cybercriminals looking to…