Reset Email Account Passwords after Website Infection: Follow Up

In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always changing. Likewise, ...
The Strange Case of the Malicious Favicon

During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files, along with ...
Stolen Payment Data: Infected Ecommerce Website to Darknet Markets

The final actor of the stolen payment data supply chain is the end user. Rather than just selling or reselling payment data, the end user plans on fraudulently monetizing it. This malicious ...
Magento Killer

A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow the attacker ...
Why It's Important to Update Your Website

Spam That Fits Your Website

Most of the time when we talk about spam, we think about mindless machines that create posts or comments to advertise a business related to drugs, accessories, or essays. But what if ...
Massive 1800ForBail WordPress Hacks

Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the titles of vulnerable WordPress sites. 1800ForBail in ...
Fake Instagram Verification

Across various social media platforms there are verification checkmark symbols that appear near the name of the account’s page we view. For example, this verified account indicator seen from our Twitter ...
W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to ...
How Stolen Ecommerce Data is Sold on the Darknet

We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victims’ devices (smartphones, computers, POS terminals). Now let us look into some of ...

Insufficient Privilege Validation in WooCommerce Checkout Manager

Due to the poor handling of a vulnerability disclosure, a new attack vector has appeared for the WooCommerce Checkout Manager WordPress plugin and is affecting over 60,000 sites. If you are using ...