Labs Notes Monthly Recap – Oct/2016
Estevao Avillez In our September Labs Notes Recap, we listed recent discoveries made by our Incident Response and Malware Research Teams. These monthly recaps serve to bridge…
New version of Magento Credit Card stealer in the wild
Cesar Anjos Hacking into Magento sites and injecting code to steal payment information is very profitable and it’s the biggest trend we are seeing in 2016. It is interesting enough to notice that the same group is being responsible for several attacks.
Spotlight: How Big Spring Secures Joomla!
Alycia Mitchell Big Spring Web Development understands the responsibility to their clients extends beyond creating a functional and attractive website. Security and stability are critical components of…
Learning From Buggy WordPress Wp-login Malware
Denis Sinegubko When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up…
WordPress Theme Mailing Script being exploited in the wild
Rodrigo Escobar A few weeks ago, we posted a lab notes describing a good theme file being exploited by attackers to send mass-mailing SPAM (http://labs.sucuri.net/?note=2016/08/15 0:00). Upon…
Joomla Exploits in the Wild Against CVE-2016-8870 and CVE-2016-8869
Daniel Cid Exactly 3 days ago, the Joomla team issued a patch for a high-severity vulnerability that allows remote users to create accounts and increase their privileges…
PrestaShop Login Stealer
Moe O Lately, we’ve noticed an increase of login credentials stealing attempts and techniques targeting e-commerce based websites. These websites usually have sensitive information (credit card &…
Details on the Privilege Escalation Vulnerability in Joomla
Marc-Alexandre Montpas Yesterday, Joomla! 3.6.4 was released, patching a critical privilege escalation and arbitrary account creation vulnerability. As we’ve seen some exploits attempts occurring in the wild,…
Magento Login credentials stealer
While investigating a compromised Magento-based ecommerce website, we found a malicious code that’s being used to steal and maintain unauthorized access to user accounts. This…
Joomla Account Creation Vulnerability
The Joomla team released a patch for a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these…
Malicious WordPress Subdirectory Installs For SEO Spam
Fernando Barbosa Remediating over 500 infected sites per day, we see attacks executed at varying levels of complexity. The tactics attackers use to compromise a site provide…