Website Security News
Note: We’ve updated this post to reflect the evolving security standards around mixed content, SSLs, and server access as a whole. With the web’s increased emphasis on security, all sites should operate on HTTPS. Installing an SSL allows you to make that transition with your…
Read More about How to Find & Fix Mixed Content Issues with SSL / HTTPS
During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in a compromised hosting environment. These…
Read More about WordPress Malware Collects Sensitive WooCommerce Data
We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the…
Read More about Analyzing & Decrypting L4NC34’s Simple Ransomware
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…
In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep….
Migrating your website to HTTPS may seem like a simple task. Get the TLS/SSL certificate, install it on your web server, and you’re done. The real pain for large projects,…
During a recent cleanup, we found an interesting malicious WordPress plugin, “WP Security”, that was being used to encrypt blog post content. The website owner complained of a newly installed…
Read More about Malicious Plugin Used to Encrypt WordPress Posts
This file (33×77.php) was detected in the document root of a website during a website cleanup for a client. It demonstrates how hackers sometimes use comments or other text within…
Read More about “Loader for Secured Files” and arrayed b374k shell encoding
In the past, we’ve mentioned how the PHP XOR bitwise operator (represented by the caret ^) can be used to encrypt a malware’s source code. This operator makes it more…
Read More about PHP Backdoor Evaluates XOR Encrypted Requests
OK, so we’ve all been there. We want something Premium, such as a paid version of an app or piece of software, but it would be great not having to…
It isn’t easy to be secure all the time — this is especially true if you are new to cybersecurity. A well-formed security plan takes deliberate effort at the very…
Read More about Safer Internet Day: Security vs. Convenience
