website security – Page 14 – WindowsTechs.com

Creative Phishing for Digital Gold on RuneScape

Posted on February 6, 2020 by Antony Garand

RuneScape is an extremely popular massive multiplayer online game. With over 200 million generated accounts, its claim to fame is that it’s one of the largest free MMORPG’s ever created.
At the current time of writing, 1 million in-game go… Continue reading Creative Phishing for Digital Gold on RuneScape→

Fixing “Uncommon Download” Warnings in Google Search Console

Posted on February 3, 2020 by Alycia Mitchell

Over the past few months, a lot of website owners have received “uncommon download” warnings from Google Search Console. These warnings can be vague, often lacking specific information about where the download is, exactly.
Don’t pani… Continue reading Fixing “Uncommon Download” Warnings in Google Search Console→

Password Attacks 101

Posted on January 31, 2020 by Cesar Anjos

One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks around passwords.
Let’s take a look at three kinds of passwo… Continue reading Password Attacks 101→

Hacked Website Threat Report – 2019

Posted on January 28, 2020 by Rianna MacLeod

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works dilig… Continue reading Hacked Website Threat Report – 2019→

Web Swiper in Image Title

Posted on January 27, 2020 by Denis Sinegubko

Cybercriminals regularly try a variety of approaches to hide their malicious code — web skimmers are well known for using all sorts of obfuscation and masquerading.
Suspicious Img Tag
Our malware analyst Liam Smith recently discovered a suspicio… Continue reading Web Swiper in Image Title→

Personal Online Security – Account Management

Posted on January 24, 2020 by Victor Santoyo

Continuing a series on how to better strengthen your personal online privacy, we are looking to take personal inventory of how we connect online. These were themes covered during our webinar “Security Beyond Your Website: Personal Online Privacy… Continue reading Personal Online Security – Account Management→

Malicious JavaScript Used in WP Site/Home URL Redirects

Posted on January 21, 2020 by Luke Leal

Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen ov… Continue reading Malicious JavaScript Used in WP Site/Home URL Redirects→

Zen Cart “PayPal” Skimmer

Posted on January 17, 2020 by Luke Leal

While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.
We recently found a case on a lesser known open source ecommer… Continue reading Zen Cart “PayPal” Skimmer→

Authentication Bypass Vulnerability in InfiniteWP Client

Posted on January 16, 2020 by Marc-Alexandre Montpas

An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to manage multiple websites from one central server using the InfiniteWP Server… Continue reading Authentication Bypass Vulnerability in InfiniteWP Client→

Protecting Web Apps Against Client-Side JavaScript Attacks

Posted on January 15, 2020 by Ido Safruti

Many security researchers believe JavaScript attacks are a major threat to web applications. The rise of Magecart, which uses web skimming (or formjacking) to illegally capture credit card and personal information from site visitors, made the threat i… Continue reading Protecting Web Apps Against Client-Side JavaScript Attacks→