Bruno Zanelato – WindowsTechs.com

Product Update: Sucuri Firewall in Sophia

Posted on December 11, 2019 by Bruno Zanelato

Sucuri provides security for websites with the protection of our Web Application Firewall (WAF). We also have our proprietary Anycast content delivery network (CDN) that adds the performance benefits of a CDN to all our WAF users.
We been adding data … Continue reading Product Update: Sucuri Firewall in Sophia→

W97M/Downloader Malware Dropper Served from Compromised Websites

Posted on May 20, 2019 by Bruno Zanelato

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to Vawtrak and Dridex banking trojans. This malware campaign target… Continue reading W97M/Downloader Malware Dropper Served from Compromised Websites→

Backdoor Uses Paste Site to Host Payload

Posted on September 18, 2018 by Bruno Zanelato

Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found and removed.
Website Backdoors
A backdoor is a piece of malware that attackers leave b… Continue reading Backdoor Uses Paste Site to Host Payload→

SF9 Realex Magento Module Targeted by Credit Card Scrapers

Posted on March 10, 2017 by Bruno Zanelato

Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting malicious scripts that create functions designed to steal credit card information.

This technique is not restricted to Magento core files. These days, attackers are trying different methods to get access to the payment card data. For that reason, I’d like to describe some interesting credit card scrapers for Magento that are on the rise.

Continue reading SF9 Realex Magento Module Targeted by Credit Card Scrapers at Sucuri Blog.

Continue reading SF9 Realex Magento Module Targeted by Credit Card Scrapers→

Joomla Security – Pornography Spam Campaign in the Wild

Posted on February 20, 2017 by Bruno Zanelato

One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a porn dump.

Those unwanted keywords are a result of Search Engine Poisoning (SEP) attacks. This blackhat SEO technique is used by attackers to take advantage of your rankings on Search Engine Result Pages (SERPs).

One of the ways that hackers avoid being noticed is to hide the spam content from normal visitors.

Continue reading Joomla Security – Pornography Spam Campaign in the Wild at Sucuri Blog.

Continue reading Joomla Security – Pornography Spam Campaign in the Wild→

Session Stealer Script Used In OpenCart

Posted on December 29, 2016 by Bruno Zanelato

With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few clicks you can set up an online storefront and sell your products.
While the process to get the site up m… Continue reading Session Stealer Script Used In OpenCart→

WordPress Hack Modifies Core Files to Share Spam

Posted on October 4, 2016 by Bruno Zanelato

One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even website owners with the best intentions can lose control of their website. When hackers gain access … Continue reading WordPress Hack Modifies Core Files to Share Spam→