Malicious Backdoors: Fake Images and Strrev Functions
Samuel Odendaal When a website is compromised, attackers frequently leave behind a backdoor – according to our research around 70% of all website hacks include a backdoor.…
Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data
Denis Sinegubko Over the summer, we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The…
SEO spam loading from external site
Krasimir Konov Many websites get compromised and used for SEO in order to drive traffic to other websites that would usually be ranked very low or completely…
New Guide on How to Implement HTTPS / SSL Certificate
Alycia Mitchell HTTPS is a hot topic among online marketers and SEO professionals who understand the future of the web needs to be more secure. Not just…
Creating a Basic Website Security Framework
Tony Perez When you build or remodel a house, construction workers create a strong framework that can withstand the elements to keep your home and possessions secure.…
Affiliate Cookie Stuffing in iFrames
Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside…
Intro to Securing an Online Store
Victor Santoyo Ecommerce websites have one of the most difficult challenges in the web security space – keeping the implicit trust of a customer in order to…
Evil Self-Regenerating WordPress Administrator User
Andrey Kucherov Attackers often aim to conceal their presence using different methods, such as injecting redirect scripts, creating spam pages, or hiding a mailer in checkout pages…
Mining Adminers – Hackers Scan the Internet For DB Scripts
Hackers are constantly scanning the internet for exploitable sites, which is why even small, new sites should be fully patched and protected. At the same…
Google Warnings For Form Input Over HTTP Coming in October
For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which…
When Online Shopping leads to Malware download
Ahmad Azizan Idris Recently, during an incident response process, we worked on an interesting Magento website. This site was reported to having a strange redirection when users visited…