Website Security News
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each visitor’s session. If your Drupal site has been compromised, we also recently release a new…
Read More about Evolution of Conditional Spam Targeting Drupal Sites
Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics…
Read More about WordPress Security – Fake TrafficAnalytics Website Infection
Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can turn into the dangerous…
When dealing with compromised scenarios, our team has to be very thorough to remove all pieces of malware in the infected website. Most of the time attackers don’t inject single…
Read More about Web shell downloader – simple attempt to avoid detection
Having your website hacked can be a devastating experience for any website owner. Unfortunately, many website owners rarely know they are infected until days, if not weeks, after the compromise…
Update 9/14/16: We released a new guide that provides better instructions on how to clean a hacked WordPress site using the Free WordPress security plugin. We’ve been working on a…
Read More about WordPress Redirect Hack via Test0.com/Default7.com
We frequently clean blacklisted websites and submit reconsideration requests to have them de-listed. We have encountered many kinds of blacklist warnings including search engines, anti-virus programs, firewalls and and e-mail spam….
Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites…
Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to their scripts which lead to…
Read More about SweetCAPTCHA Returns Hijacking Another Plugin
SweetCaptcha is a free CAPTCHA service that offers to match “sweet” images instead of making you recognize distorted digits and characters. It has integrations with many website platforms including; pure…
Read More about SweetCAPTCHA Service Used to Distribute Adware
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand the anatomy of the attack…
Read More about The Art of Website Malware Removal – The Basics
