Magento Credit Card Stealing Malware: gstaticapi
Krasimir Konov Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information.…
Malicious One-Liner Using Hastebin
Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a…
Phishing Page Targets AT&T’s Employee Multi-Factor Authentication
Luke Leal Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than…
The Hidden PHP Malware that Reinfects Cleaned Files
Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if…
phpbash – A Terminal Emulator Web Shell
It’s common for hackers to utilize post-compromise tools that contain a graphical user interface (GUI) that can be loaded in the web browser. A GUI…
Missing DMARC Records Lead to Phishing
Kaushal Bhavsar Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in…
WordPress Malware Disables Security Plugins to Avoid Detection
An alarm or monitoring system is a great tool that can be used to improve the security of a home or website, but what if…
Reflected XSS in WordPress Plugin Admin Pages
Antony Garand The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little…
Insufficient Privilege Validation in NextScripts: Social Networks Auto-Poster
John Castro NextScripts: Social Networks Auto-Poster is a plugin that automatically publishes posts from your blog to your Social Media accounts such as Facebook, Twitter, Google+, Blogger,…
Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites
Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of…
Using assert() to Execute Malware in PHP 7 Environments
Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x,…