Website Security News
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and database tables. This is still the same ongoing campaign that we’ve been following…
Read More about Vulnerable Versions of Adminer as a Universal Infection Vector
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to…
Read More about Throwback Threat Thursday: JCE Vulnerability
We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins with backdoor functionality. Malicious Plugins…
When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past couple of months we’ve also noticed a considerable increase in…
Read More about Cryptominers & Backdoors Found in Fake Plugins
Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them…
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections…
Read More about TimThumb Attacks: The Scale of Legacy Malware Infections
Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it as the ice cream which…
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always…
Read More about Reset Email Account Passwords after Website Infection: Follow Up
During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files,…
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…
Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress
Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good…
