- Stolen Payment Data: Infected Ecommerce Website to Darknet Markets 16 July 2019
The final actor of the stolen payment data supply chain is the end user. Rather than just selling or reselling payment data, the end user plans on fraudulently monetizing it.
This malicious end user typically buys payment data in limited quantities, since:
- The price of stolen data increases greatly from what the source originally sold it for.
- There’s an unknown amount of time until the financial institution revokes the issued stolen data.
- The Cost of a Hacked Website – Survey 16 July 2019
As part of our commitment to the website security community, we want to know the true impacts of a website compromise from the owner’s perspective.
If you are a business that has dealt with any type of website attack, your participation in this six-minute survey will help us improve our services and support website owners like yourself.
Be on the lookout for our results summary later this summer!
- Magento Killer 10 July 2019
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites.
While it doesn’t actually kill the Magento installation, it does allow the attacker to modify data in the core_config_data table of the targeted Magento database.
$ConfKiller: Malicious Operations Used to Steal Payment Info
During the initial stages of the attack, the bad actor uses special SQL queries encoded in base64.
- Icegram Persistent Cross-Site Scripting 9 July 2019
Icegram is a plugin that helps you collect email addresses for your newsletter. Other features include light-box popup offers, header action bars, toast notifications, and slide-in messengers.
Versions 188.8.131.52 and lower are affected by a persistent Cross-Site Scripting in the admin area. This plugin has over 40,000 installations and any attacker with a subscriber account can leverage this vulnerability.
We are not aware of any exploit attempts currently targeting this plugin, but all of our clients behind the website firewall are already protected.
- 7 Things You Should Monitor in WordPress Activity Logs 8 July 2019
WordPress activity logs can be helpful when troubleshooting or trying to identify a hack. In this article, you’ll learn about the seven things you should monitor in your WordPress logs.
Over the years, WordPress has grown more complex. WordPress is used by people in a variety of environments, ranging from small shops to large enterprises. Its flexible nature allows for a lot of customization, although that inherently produces a lot of new areas to supervise post-production.
- Spam That Fits Your Website 5 July 2019
Most of the time when we talk about spam, we think about mindless machines that create posts or comments to advertise a business related to drugs, accessories, or essays.
But what if a hacker tried to convince your clients to click on malicious links based on the content of your website?
A Customized Spam Campaign Targeting Pizza Delivery
We recently found a very interesting case where a pizza delivery website was compromised.
- WordPress Plugin WP Statistics: Unauthenticated Stored XSS Under Certain Configurations 3 July 2019
The WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability on versions prior to 12.6.7.
This vulnerability can only be exploited under certain configurations—the default settings are not vulnerable.
- 2019/06/26 – Initial contact to the developer.
- 2019/06/27 – Response from the developer, disclosure of the vulnerability.
- 2019/06/30 – Patch proposed for review.
- How to Know If You Are Under DDoS Attack 1 July 2019
Nowadays, DDoS is a pretty recognizable term. Though many webmasters don’t know exactly what a DDoS attack is (its method can be very hard to identify), they’re pretty sure it’s a bad thing. And that’s a correct assumption. In this article, we will focus on how to know if your website is under attack and how to protect it.
What is a DDoS Attack?
DDoS stands for Distributed Denial of Service. Like the name implies, a DDoS attack focuses on damaging a service such as:
- a website,
- an internet service provider (ISP),
- the Nasdaq Stock Market,
- a NASA probe,
- a game server.
- Massive 1800ForBail WordPress Hacks 28 June 2019
Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the titles of vulnerable WordPress sites.
1800ForBail in Search Results
Google currently returns 158,000 results for the [intitle:1800ForBail] query.
Of course, this count includes internal pages on compromised websites.
At the same time, PublicWWW.com returns 692 results for “1800ForBail”, where one result per domain is typically listed.
- Fake Instagram Verification 26 June 2019
Across various social media platforms, verification checkmark symbols appear near the name of the account page we are viewing. For example, this verified account indicator seen from our Twitter page:
These verification checkmarks exist as a credibility indicator to help show authenticity and integrity to social media page visitors.
In order to obtain these checkmark symbols, page owners must meet a list of various requirements and undergo a verification process with their social media provider.
- Why is Your Website a Target? The SEO Value of a Website 24 June 2019
Website security is what we eat, sleep, and breathe. It’s what we do best because we deal with hacked websites every single day, thousands of them. Among the various types and evolution in attack scenarios, one has remained the same for all these years—spam infections.
A spam infection could be a serious problem for online businesses when it remains on the website long enough for Google, Bing, or other website blacklist authorities to spot it and block site access.