Collaborate Disseminate
If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a new object injection vulnerability which affects WordPress versions 3.7 to 5.7.1. Be sure to get updated t… Continue reading Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to authorize a fraudulent transaction to bypass existing sec… Continue reading Trojan Spyware and BEC Attacks
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition… Continue reading SQL Triggers in Website Backdoors
It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click a phishing URL or download a malicious attachment.
To support these activities, attackers seek o… Continue reading Phishing & Malspam with Leaf PHPMailer
A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP injection in one of the Magento files: ./app/code/core/Mage/Payment/Model/Method/Cc.php
…
if ($_… Continue reading Magento PHP Injection Loads JavaScript Skimmer
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our investigation revealed was that attackers were leveraging PIX, a new payme… Continue reading Real-Time Phishing Kit Targets Brazilian Central Bank
As vital assets for many business operations, websites and their hosting servers are often the target of ransomware attacks — and if they get taken offline, this can cause major issues for a business’ data, revenue, and ultimately reputation.
The wors… Continue reading Obfuscation Techniques in Ransomweb “Ransomware”
Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of techniques that can make it challenging to detect.
For e… Continue reading Evaluating Cookies to Hide Backdoors
A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost always a telltale sign that something is amiss, and so I began my investigation.
… Continue reading Bogus CSS Injection Leads to Stolen Credit Card Details
It’s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and ranking on search engines — all this costs a lot of money. At the end of th… Continue reading SEO Spam Links in Nulled Plugins