Vulnerabilities Digest: June 2020
John Castro Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of…
Browsing Tag
Webserver Infections
43 posts
Evasion Tactics in Hybrid Credit Card Skimmers
Denis Sinegubko The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to…
WordPress Malware Collects Sensitive WooCommerce Data
Luke Leal During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in…
PinnacleCart Server-Side Skimmers and Backdoors
While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online…
WordPress Database Brute Force and Backdoors
We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess. However,…
What is Cross-Site Contamination?
Juliana Lewis How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about,…
Vulnerable Versions of Adminer as a Universal Infection Vector
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…
Autoloaded Server-Side Swiper
Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily…
Multi-Vector Attack in Server Logs
We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this…
How to Prevent Cross-Site Contamination for Beginners
Josh Hammer What is Cross-Site Contamination? Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it as your kid in…
Cryptominers: Binary-Process-Cron Variants and Methods of Removal
Tyler Lancy This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript…