Website Security News
Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new wave of these infections that appears to be closely related to this article about a backdoor that we’ve been tracking….
Read More about Attackers Abuse Cron Jobs to Reinfect Websites
Nulled WordPress themes and plugins are a controversial topic for many in the web development world — and arguably one of the bigger threats to WordPress security. Essentially modified versions…
Read More about The Dangers of Installing Nulled Themes & Plugins On WordPress
Attackers are always looking for new ways to conceal their malware and evade detection, whether it’s through new forms of obfuscation, concatenation, or — in this case — unorthodox use…
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website…
Read More about Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows users to build customer phone…
Read More about Backdoor Targets FreePBX Asterisk Management Portal
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users. Once installed, fake browser updates…
Read More about New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Malware authors, with some notable exceptions, tend to design their malicious code to hide from sight. The techniques they use help their malware stay on the victim’s website for as…
Read More about Wordfence Evasion Malware Conceals Backdoors
WordPress security is serious business – and an essential consideration for anyone using the world’s most popular CMS (Content Management System). While the WordPress team quickly addresses known security issues…
Read More about Top 5 Most Common WordPress Malware Infections: An Anatomy Lesson
The AnonymousFox hack targets insecure websites and actively exploits them to spread phishing, spam, and other malware. A major nuisance for website owners, it also happens to be one of…
Read More about How to Find & Clean Up the AnonymousFox Hack
The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. So…
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive infections don’t go unnoticed by…
Read More about Analysis of the Massive NDSW / NDSX Malware Campaign
