WPScan Intro: How to Scan for WordPress Vulnerabilities
Alycia Mitchell In this post, we look at how to use WPScan. The tool provides you a better understanding of your WordPress website and its vulnerabilities. Be…
WPScan Intro: How to Install the WordPress Vulnerability Scanner
What does your WordPress site look like to hackers? Would it be tough to crack? Or does it have unlocked doors and unlatched windows just waiting for someone…
WordPress Continues to Fall Victim to Carding Attacks
Ben Martin Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all…
How to Know If You’re Being DDoSed
Stephen Johnston Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar…
The Importance of Website Backups
Juliana Lewis Today is World Backup Day. This date was created to remind people of the importance of having backups set up for everything that matters. I am pretty sure your website falls into…
PHP Repository Exploited by Hackers
Antony Garand The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject…
How Do Websites Get Hacked?
Mike Martens As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do…
Server Side Data Exfiltration via Telegram API
Cesar Anjos One of the themes commonly highlighted on this blog includes the many creative methods and techniques attackers employ to steal data from compromised websites. Credit…
Magento 2 PHP Credit Card Skimmer Saves to JPG
Luke Leal Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…
Trojan Spyware and BEC Attacks
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that…
SQL Triggers in Website Backdoors
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within hacked databases. These queries…