Attackers are always trying to come up with new ways to evade detection from the wide range of security controls…
In a previous post, I discussed how attackers can trick website owners into installing malware onto a website — granting…
Often when a website is injected with SEO spam, the owner is completely unaware of the issue until they begin…
According to W3Tech’s data, PrestaShop is among the most popular CMS choices for existing ecommerce websites, so it should come…
We have already shared examples of many kinds of malware that rely on an external gateway to receive or return…
During a routine investigation, we found yet another web skimmer that pretends to be related to Sucuri. One of our…
We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a…
We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of…
During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns…
This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit…