website security – Page 17 – WindowsTechs.com

How to Recognize a Phishing Campaign

Posted on November 20, 2019 by Antony Garand

Phishing attacks and campaigns have always been a hot topic in online security. With many posts tagged as “phishing” on our blog — the first one being over nine years old now — we’ve seen our fair share of phishing attemp… Continue reading How to Recognize a Phishing Campaign→

Down the Malware Rabbit Hole: Part II

Posted on November 18, 2019 by Cesar Anjos

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep.
Today, we’ll reveal how attackers achieve this level of encoding and investigate one of the many po… Continue reading Down the Malware Rabbit Hole: Part II→

Website, Know Thyself: What Code Are You Serving?

Posted on November 14, 2019 by Tony Lauro

Code-injection via third- and fourth-party scripts — as seen with Magecart — is a growing security problem for websites. Continue reading Website, Know Thyself: What Code Are You Serving?→

Mixed Content Warnings in Google Chrome

Posted on November 14, 2019 by Peter Kankowski

Migrating your website to HTTPS may seem like a simple task. Get the TLS/SSL certificate, install it on your web server, and you’re done.
The real pain for large projects, however, is changing http:// resources to https://. These resources inclu… Continue reading Mixed Content Warnings in Google Chrome→

4 Best Free Online Security Tools for SMEs in 2020

Posted on November 14, 2019 by The Hacker News

Cyberattacks on small and midsized companies in 2019 cost $200,000 per company on average, mercilessly putting many of them out of business, says CNBC in its analysis of a recent Accenture report. In light of the global cybersecurity skills shortage, t… Continue reading 4 Best Free Online Security Tools for SMEs in 2020→

Malicious Android Application Used in Phishing Scam

Posted on November 13, 2019 by Krasimir Konov

While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer of complexity to the process which deters some bad actors from incorporating into their attack.
To launch a … Continue reading Malicious Android Application Used in Phishing Scam→

Why Reinfections Happen with a WAF

Posted on November 11, 2019 by Luke Leal

A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws. While a WAF helps protect against threats over HTTP/HTTPS, the website can still be ha… Continue reading Why Reinfections Happen with a WAF→

Vulnerable Versions of Adminer as a Universal Infection Vector

Posted on November 9, 2019 by Denis Sinegubko

This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and database tabl… Continue reading Vulnerable Versions of Adminer as a Universal Infection Vector→

Explained: How New ‘Delegated Credentials’ Boosts TLS Protocol Security

Posted on November 6, 2019 by Unknown

Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called “Delegated Credentials for TLS.”

Delegated Credentials for TLS is a new simplified way … Continue reading Explained: How New ‘Delegated Credentials’ Boosts TLS Protocol Security→

Pharma Spam Redirects to .su & .eu Sites

Posted on November 4, 2019 by Denis Sinegubko

We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy” landing pages selling counterfeit men’s health pills from … Continue reading Pharma Spam Redirects to .su & .eu Sites→