2023 Hacked Website & Malware Threat Report
Rianna MacLeod Education is essential for defending your website against emerging threats. That’s why we are thrilled to share our 2023 Hacked Website & Malware Threat Report.…
Browsing Tag
Webserver Infections
46 posts
Web Shells: Types, Mitigation & Removal
Cesar Anjos Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These…
Detecting & Mitigating an Office 365 Phishing Threat: “Greatness”
Krasimir Konov Emerging in 2022, a phishing tool known as Greatness has caught the attention of our research team due to its coordinated efforts to breach Microsoft…
Vulnerabilities Digest: June 2020
John Castro Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of…
Evasion Tactics in Hybrid Credit Card Skimmers
Denis Sinegubko The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to…
WordPress Malware Collects Sensitive WooCommerce Data
Luke Leal During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in…
PinnacleCart Server-Side Skimmers and Backdoors
While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online…
WordPress Database Brute Force and Backdoors
We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess. However,…
What is Cross-Site Contamination?
Juliana Lewis How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about,…
Vulnerable Versions of Adminer as a Universal Infection Vector
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…
Autoloaded Server-Side Swiper
Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily…