A recent infection has been making its rounds across vulnerable WordPress sites, detected on over 160 websites so far at the time of writing. The infection is injected at the top of legitimate JavaScript files and executes a script from the following malicious domain: https://jquery0[.]com/JkrJYcvQ At first glance, this domain appears to be legitimate. However, […]
Archive by Author
Backdoor Targets FreePBX Asterisk Management Portal
Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows users to build customer phone systems. During a recent investigation, I came across a simple piece of malware targeting FreePBX’s Asterisk Management portal which allowed attackers to arbitrarily add and […]
Input Validation for Website Security
Web forms are incredibly useful tools. They allow you to gather important information about potential clients and site visitors, collect comments and feedback, upload files, subscribe new users to your blog, or even collect payment details. But if your forms aren’t properly validating user inputs, you might be in for a nasty surprise: a variety […]
How to Securely Shop With Your Credit Card: Use a Virtual Card & Check for Skimmers
The convenience and ease of online transactions has drawn a tremendous number of users to online ecommerce storefronts. And during the pandemic, many consumers switched to online purchases in favor of shopping at regular brick and mortar shops — leading to further reliance on credit or debit card transactions over cash to complete purchases. However, […]
Infected WordPress Plugins Redirect to Push Notification Scam
Attackers are always finding unique ways to avoid detection. Our teams regularly find malware on compromised websites which have been obfuscated to make it more difficult for webmasters to detect or understand. Obfuscation can take many forms, such as encrypting code or using complex algorithms to hide the true nature of the malicious contents. For […]
Chinese Gambling Spam Targets World Cup Keywords
Since 2018, our team has been tracking an interesting type of website infection where the tag of a hacked website is changed to Chinese text — changes which are clearly seen in the website’s search results and source code. However, when you open the affected website in a JavaScript-enabled web browser, the site operates as […]
WordPress Vulnerability & Patch Roundup November 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
New Wave of SocGholish cid=27x Injections
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads zipped malicious templates from WordPress theme and fake plugins files before extracting the SocGholish script, which is saved as an encrypted value inside the wp_option table of the WordPress database. […]
WP-CLI: How to Install WordPress via SSH
Sure, there are tons of one-click installers floating around for WordPress. But they’re not always the most secure option — and can still be tedious to use, especially if you need to update default configurations after installation. But what if I told you there’s a simple and reliable way to manage and install WordPress using […]
How to Fix the “This Site May Harm Your Computer” Warning
Most modern web browsers and search authorities like Google have a vested interest in protecting their users from malware. Warning messages like “This site may harm your computer” are a clear way for services to educate and protect end users from accessing malicious websites. A hacked website can result in a plethora of headaches: unwanted […]
