Magento Supply Chain Attack Targets Extension Developer FishPig
Ben Martin Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a…
Gambling Spam in Visual Composer Raw HTML Element: [vc_raw_html]
Denis Sinegubko Bad actors often look for clever ways to boost the rankings and visibility of their spam pages in search. One of the many black hat…
What Is Clickjacking & How Do I Prevent It?
Antony Garand There are a plethora of techniques that attackers use to redirect site visitors and harvest sensitive information on compromised websites. But when most webmasters think…
How to Find & Remove Malware in Favicon (.ico) Files
Rianna MacLeod When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may…
What is HTTP Error 500 & How to Fix It
A frustrating interruption to anyone’s day is the infamous HTTP Error 500 internal server error message. When it happens not only do you lose traffic…
WordPress Vulnerabilities & Patch Roundup — August 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
How to Remove 404 Errors in Search Console
Cesar Anjos Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content. But did you…
Examining Less-Common WordPress Credit Card Skimmers
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated…
Fake DDoS Pages On WordPress Sites Lead to Malicious Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
The Importance of Website & Server Logs
Krasimir Konov Have you ever looked at your server or website logs and realized that they make absolutely no sense to you? Or thought that logs just…