Website Security News
Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when a cryptominer process is running without any throttling. Below is an example of what this…
It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if…
Read More about Lightbox Adware – From Innocent Scripts to Malicious Redirects
When considering why hackers are attacking websites, you might think that there’s a specific reason they target you as a website owner—your business, your reputation, or your information. But the…
The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in the private messaging and post…
Logs can be very useful because they are a record of what was done by whom. They are especially useful when you need to find out more on how a…
This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world — even if their site is…
Read More about Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites
On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the Wordfence team. This is a very nasty bug which made…
These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well…
Read More about Closed Source E-commerce Platforms Can Be Compromised
WordPress is one of the most popular content management systems (CMS) out there. That’s why it is vital to prevent WordPress hacking. Statistically, over 33% of websites currently run on…
Read More about WordPress Hacks: 5 Ways to Protect WordPress from Hacking
In the past, we’ve mentioned how the PHP XOR bitwise operator (represented by the caret ^) can be used to encrypt a malware’s source code. This operator makes it more…
Read More about PHP Backdoor Evaluates XOR Encrypted Requests
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…
Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress
