- Risks For E-commerce Site Owners Through the Holidays 22 November 2017
Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also busy infecting ecommerce websites with malware, such as:
- Credit Card Swipers
- Malicious Payment Gateways
- Malware Downloads
Now is the time when attackers target those last-minute shoppers buying products online.
Over the last few years, it has become increasingly popular for attackers to execute credit card fraud against ecommerce shoppers generating big money by abusing and selling stolen customer information.
- How to Avoid Malicious Cyber Monday Campaigns 15 November 2017
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns to capitalize on the profits.
In past years, targeted Cyber Monday phishing emails posed a huge risk to consumers. These emails, designed to appear from a legitimate company or online retailer, often redirected recipients to a fake website where they request PINs or other sensitive financial information and can potentially lead to identity theft or fraudulent transactions.
- SQL Injection in bbPress 13 November 2017
During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the proper conditions are met, this vulnerability is very easy to abuse by any visitors on the victim’s website.
Because details about this vulnerability have been made public today on a Hackerone report, and updating to the latest version of WordPress fixes the root cause of the problem, we chose to disclose this bug and make the details public.
- Why Attackers Hack Small Sites 8 November 2017
You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize the opportunity of stealing your valuables. That’s the same way you can look at website hacking. Leaving your website unprotected is like establishing an open-door policy with hackers, giving them access to view sensitive information and modify your website content.
Hackers view your site as a possible tool for their end purpose.
- New WordPress Security Guide 3 November 2017
WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a prime target for malicious hackers that are looking for vulnerabilities to exploit. If an attacker is able to gain unauthorized access into an insecure website, they can leverage valuable resources for malware or spam campaigns, harming a website’s visitors and reputation.
Our new guide is intended to educate WordPress administrators on basic security techniques and steps to help improve your security posture.
- Cryptominers on Hacked Sites – Part 2 25 October 2017
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners.
We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive cryptominer. What we are discovering is that there are more and more attacks in the wild using cryptominers, which affects all major CMS platforms.
- Malware Serving SEO Spam from External Sites 18 October 2017
We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to SEO spam campaigns through PHP, database injections or .htaccess redirects.
An SEO spam infection can be devastating to a website’s credibility and reputation. Many website owners recognize and appreciate the enormous effort involved in carefully creating and optimizing pages for search engines. Unfortunately, attackers don’t care about the size of your website – even if you’ve just started out, you can still be targeted for quick, cheap SEO.
- Mayhem Malware Server Botnet Continues to Evolve 12 October 2017
Three years ago, researchers at Yandex discovered a complex server infection, dubbed Mayhem, that embeds itself deep within a system by compiling a shared object and running as a service. This also allows the malware to operate under restricted privileges, and is difficult to clean up effectively – even if an infected site gets restored from a backup, the malware would still be there.
Mayhem is essentially a malicious bot for web servers.
- Credit Card Stealer Investigation Uncovers Malware Ring 10 October 2017
During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites.
What I didn’t know was how many domains would be uncovered as part of the malware campaign. Each of the malicious domain names was specifically chosen to appear as legitimate as possible to the website owner. The hosting provider used for these domains also turned out to be used for much more.
- Website Hosting: Security Awareness Can Reduce Costs 3 October 2017
Website hosting security has matured in recent years. Naturally, the types of security issues have changed because of it. For example, cross-contamination over multiple shared hosting accounts used to be a major problem for large website hosting providers, but this isn’t really a huge threat today. However, malware attacks and other website security-related issues at the account level, are still very real problems. Just ask anyone who has had their website defaced, redirected, or abused in phishing attacks.
- Fake Plugins, Fake Security 28 September 2017
Update: The plugin name is fake and has nothing to do with the well-known WP-SpamShield plugin in the official WordPress plugin repository.
WordPress users are becoming increasingly more aware of security threats and as a result, they are taking more actions to secure their websites (e.g. by installing security plugins). While this is a good thing, there are always black hats trying to take advantage of new opportunities to compromise websites.