Web Skimmer with a Domain Name Generator

Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database.
The malicious script loads the credit card stealing code from qr201346[.]pw and sends the stolen details to hxxps://gooogleta…

OneTone Vulnerability Leads to JavaScript Cookie Hijacking

A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress websites and causes malicious redirects through domains like ischeck[.]xyz.
This specific wave uses the XSS vulner…

Analysis of a WordPress Credit Card Swiper

While working on a recent case, I found something on a WordPress website that is not as common as on Magento environments: A credit card swiper injection.
Typically this type of malware targets dedicated ecommerce platforms such as Magento and Prestas…

Safe Browsing During a Pandemic: How to Spot COVID-19 Phishing Campaigns

Online bad actors tend to take advantage of tragedy for their own gain – and the coronavirus is no different.
While we would hope that cybercriminals would be sympathetic during a global health crisis, it already appears this may be a pipe dream…

WordPress Database Brute Force and Backdoors

We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess.
However, the WordPress login is not the only point of entry that hackers use to break into sites….

3-D Secure SMS-OTP Phishing

One of our remediation analysts Eli Trevino recently discovered a phishing page informing victims about fake Netflix service disruptions, supposedly due to problems with the victim’s payment method.
The phishing page prompts victims to provide t…

Abused Cloudflare Workers Service Used to Inject Korean SEO Spam

We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot.
What was especially frustrating for the website owner was that these spammy links were no…

Creative Phishing for Digital Gold on RuneScape

RuneScape is an extremely popular massive multiplayer online game. With over 200 million generated accounts, its claim to fame is that it’s one of the largest free MMORPGs ever created.
At the current time of writing, 1 million in-game go…

Hacked Website Threat Report – 2019

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works dilig…

Web Swiper in Image Title

Cybercriminals regularly try a variety of approaches to hide their malicious code — web skimmers are well known for using all sorts of obfuscation and masquerading.
Suspicious Img Tag
Our malware analyst Liam Smith recently discovered a suspicio…