Website Security News

June 26, 2019Luke Leal

Fake Instagram Verification

Across various social media platforms there are verification checkmark symbols that appear near the name of the account’s page we view. For example, this verified account indicator seen from our Twitter page: These verification checkmarks exist as a credibility indicator to help show authenticity and…

June 24, 2019Douglas Santos

Why is Your Website a Target? The SEO Value of a Website

Website security is what we eat, sleep, and breathe. It’s what we do best because we deal with hacked websites every single day, thousands of them. Among the various types…

June 21, 2019Stephen Johnston

Malware vs Virus: What’s the Difference?

There appears to be a general misunderstanding among internet users about the difference between malware and viruses. The two terms are often used interchangeably and to an extent, this is…

June 19, 2019Luke Leal

Cryptomining Dropper and Cronjob Creator

Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when…

June 17, 2019Cesar Anjos

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if…

June 14, 2019Pilar Garcia

Why Do Hackers Hack? – 3 Reasons Explained

When considering why hackers are attacking websites, you might think that there’s a specific reason they target you as a website owner—your business, your reputation, or your information. But the…

June 11, 2019Marc-Alexandre Montpas

Stored XSS in MyBB <= 1.8.20

The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in the private messaging and post…

June 10, 2019Krasimir Konov

FTP Logs Used to Determine Attack Vector

Logs can be very useful because they are a record of what was done by whom. They are especially useful when you need to find out more on how a…

June 7, 2019Denis Sinegubko

Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites

This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world — even if their site is…

June 4, 2019Marc-Alexandre Montpas

OS Command Injection in WP-Database-Backup

On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the Wordfence team. This is a very nasty bug which made…

June 3, 2019Krasimir Konov

Closed Source E-commerce Platforms Can Be Compromised

These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well…