Examining Less-Common WordPress Credit Card Skimmers
Ben Martin Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated…
Fake DDoS Pages On WordPress Sites Lead to Malicious Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
Denis Sinegubko In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
The Importance of Website & Server Logs
Krasimir Konov Have you ever looked at your server or website logs and realized that they make absolutely no sense to you? Or thought that logs just…
Fake Instagram Verification & Twitter Badge Phishing
Luke Leal Social media platforms like Instagram and Twitter offer verification badges as a credibility indicator to help show authenticity and integrity to visitors. To obtain a…
7 Tips to Clean & Maintain Your Website
Michael Evert Most people would agree — living in a house full of accumulated debris and unnecessary objects can create a chaotic environment, and even cause health…
WordPress Vulnerabilities & Patch Roundup — July 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
DHL Phishing Page Uses Telegram Bot for Exfiltration
One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can…
Cryptominers & WebAssembly in Website Malware
Cesar Anjos WebAssembly (also referred to as Wasm) is a binary instruction format that runs in the browser to enable high-performance applications on web pages and can…
PrestaShop Skimmer Concealed in One Page Checkout Module
Matt Morrow PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While…
Security Lessons Learned from 2021
Victor Santoyo There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to…