What is Secure Shell (SSH) & How to Use It: Security & Best Practices
Kaushal Bhavsar Navigating your WordPress site’s dashboard can provide you with significant control over your website’s functionality and appearance. Yet it won’t offer a direct interaction or…
Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
Ben Martin MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…
Bogus URL Shorteners Go Mobile-Only in AdSense Fraud Campaign
Denis Sinegubko Since September 2022, our team has been tracking a bogus URL shortener redirect campaign that started with just a single domain: ois[.]is. By the beginning…
How to Quickly Find & Fix Mixed Content Issues (SSL/HTTPS)
Rianna MacLeod With the web’s increased emphasis on security, all sites should operate on HTTPS. Installing an SSL certificate allows you to make that transition with your…
Compromised OpenCart Payment Module Steals Credit Card Information
Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…
Critical Security Update for Magento Open Source & Adobe Commerce
Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes…
From Google DNS to Tech Support Scam Sites: Unmasking the Malware Trail
A vast majority of website malware employ the ever-familiar HTTP/HTTPS protocols for its malicious activities. But, we also periodically confront more interesting hybrid malware leveraging…
SiteCheck Remote Website Scanner — Mid-Year 2023 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide…
WordPress Vulnerability & Patch Roundup July 2023
Cesar Anjos Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Abandoned US Congressional Website Used in Asian Gambling Spam Infection
Website owners and developers tend to buy a lot of domains. With different projects on the go and working with multiple different clients at any…
How to Scan a Website for Vulnerabilities
Even the most diligent site owners should consider when they had their last website security check. As our own research indicates, infections resulting from known…