Vulnerabilities Digest: June 2020

Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding ...
Evasion Tactics in Hybrid Credit Card Skimmers

Evasion Tactics in Hybrid Credit Card Skimmers

The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by the attackers ...

WordPress Malware Collects Sensitive WooCommerce Data

During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in a compromised hosting environment. These compromised websites ...
PinnacleCart Server-Side Skimmers and Backdoors

PinnacleCart Server-Side Skimmers and Backdoors

While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online stores with large user-bases. This time, our ...
WordPress Database Brute Force and Backdoors

WordPress Database Brute Force and Backdoors

We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess. However, the WordPress login is not the only ...
How Passwords Get Hacked - Sucuri Security

What is Cross-Site Contamination?

How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about, some older ones that I don’t really ...
Vulnerable Versions of Adminer as a Universal Infection Vector

Vulnerable Versions of Adminer as a Universal Infection Vector

This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and ...
Autoloaded Server-Side Swiper

Autoloaded Server-Side Swiper

Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily detected by simply scanning the web pages ...
What is Cross-Site Contamination & How to Prevent It

How to Prevent Cross-Site Contamination for Beginners

What is Cross-Site Contamination? Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it as your kid in daycare catching the flu, next thing you ...
Cryptominers: Binary-Process-Cron Variants and Methods of Removal

Cryptominers: Binary-Process-Cron Variants and Methods of Removal

This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript cryptominers that have been injected into a ...