Recently we’ve seen some WordPress websites displaying unwanted banners at the bottom of the page which appear 15 seconds after browsing the website. Those banners…
In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites.…
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there…
During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they…
As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only…
Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento…