Vulnerabilities Digest: June 2020

Highlights for June 2020

Cross-site scripting is still the most common vulnerability in WordPress plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding user input data sanitization.
Massive …

Labs Notes Monthly Recap – May/2020

In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that being informed is a big part of having a good website security posture.
Sucuri Labs provides website malware research updates …

Labs Notes Monthly Recap – April/2020

In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that being informed is a big part of having a good website security posture.
Sucuri Labs provides website malware research updates …

Throwback Threat Thursday: WordPress 4.7 WP-JSON Content Injection Vulnerability

Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to the security of website owners. Some vulnerable sit…

What is Cryptocurrency Mining Malware?

Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are.
What is Cryptocurrency?
Cryptocurrency is best thought of as digital currency and it only exis…

W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to Vawtrak and Dridex banking trojans. This malware campaign target…

From .tk Redirects to PushKa Browser Notification Scam

In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites.
This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated theme…

More on Dnsden[.]biz Swipers and Radix Obfuscation

After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3
#EKFiddle [Regex update]: Added Radix Web Skimmer identified by @unmaskparasites (https://t….

Cookie Consent Script Used to Distribute Malware

Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU General Data Protection Regulation (GDPR). Even though cookie usage is mentioned only …

Magento Credit Card Stealer Reinfector

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinf…