Attackers Silently add new user with Administrator role to WordPress sites
Yuliyan Tsvetkov Attackers tend to get smarter in order to avoid detection, as well as gain access to your WordPress site. They use legit functions of the…
SEO Spam Campaign Exploiting WordPress REST API Vulnerability
Denis Sinegubko Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there…
doc.google.com.TROJAN
Fernando Barbosa During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they…
Stored XSS in WordPress Core
Marc-Alexandre Montpas As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only…
SF9 Realex Magento Module Targeted by Credit Card Scrapers
Bruno Zanelato Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento…
Set your Cookie, Execute a Command
Backdoors evolve. They tend to get more complex, harder to understand and harder to decode, but this is not always the case. Most of the…
Bank Phishing Incident Analysis
Fioravante Souza Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked from…
One, two, three… CC stolen!
Attackers work hard to make their code very well hidden from the victim and antivirus products, however they might leave some fingerprints (usually not on…
vBulletin Used to Show Malicious Advertisements
Cesar Anjos In the past, we have seen a massive amount of vBulletin websites compromised through the VBSeo Vulnerability. Attackers have been infecting vBulletin websites since 2012…
Labs Notes Monthly Recap – Feb/2017
Estevao Avillez Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Team (IRT). The Sucuri Labs…
Monetized JavaScript Redirect to Free Porn Webcams for Mobile Devices
Attackers will do desperate and obvious things to boost the views of their ‘customers’. On a daily basis we find different malicious redirects (some are…