ThinkPHP 5.x – Remote Code Execution Actively Exploited In The Wild
John Castro Earlier this year, we noticed an increase in attacks aiming at ThinkPHP. ThinkPHP is a PHP framework that is very popular in Asia. If you…
DDoS Targeting WordPress Search
Northon Torga Have you ever stopped to think about how many resources a search engine has or if your website could handle the same amount of search…
SQL Injection in Duplicate-Page WordPress Plugin
Marc-Alexandre Montpas While investigating the Duplicate Page plugin, we have discovered a dangerous SQL Injection vulnerability. Though the plugin wasn’t abused externally, the vulnerability impacted over 800,000…
Malware Campaigns Sharing Network Resources: r00ts.ninja
Luke Leal We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign…
April Fool’s Day – TYPO3 Overtakes WordPress as Most Attacked CMS Due to Popularity
Val Vesa Disclaimer: This is an April Fool’s Day blog post and not all the information below is accurate. If you are looking for updated information on…
Social Warfare Vulnerability Probes
Denis Sinegubko After a recent disclosure of the Social Warfare plugin vulnerability, we’ve seen massive attacks that inject malicious JavaScripts into the plugin options. The vulnerability has…
SQL Injection in Magento Core
Magento has released a new security update fixing multiple types of vulnerabilities including Cross-Site Request Forgery, Cross-Site Scripting, SQL Injection, and Remote Code Execution. To…
Conditional redirection to an online pharmacy store
Moe O During an investigation, a client reported some weird behavior from all incoming visits during their Google search engine result clicks are instantly redirected to an…
Stored XSS Patched in WordPress 5.1.1
WordPress recently released an update, 5.1.1, which patches a stored XSS vulnerability in the platform’s comment system. Even 10 days after the release of this…
Super Amazon Banners Plugin Gone Rogue
Krasimir Konov During a recent investigation we found the plugin Super Amazon Banners to be serving malware/spam via the domain seoranker[.]info. We suspect that the domain expired…
How to Choose a Website Security Provider
Josh Hammer As more people are creating websites and becoming aware of website security, companies are popping up everywhere to help with the problem. And just like…