Website malware comes in all shapes and sizes, each with its own unique methods of attack and evasion. One threat making regular headlines is SocGholish, a sophisticated and persistent malware that has been targeting websites for over 7 years. Understanding how SocGholish operates and learning how to protect against it is essential if you want […]
Archive by Author
2023 Hacked Website & Malware Threat Report
Education is essential for defending your website against emerging threats. That’s why we are thrilled to share our 2023 Hacked Website & Malware Threat Report. Disseminating this information to the community helps educate website owners about the latest trends and threats. This year, we’ve included new insights to highlight the most prevalent tactics and techniques […]
Hundreds of Websites Targeted by Fake Google Chrome Update Pop-Ups
Fake Browser Update campaigns are known for their deceptive tactics used by hackers to trick users into downloading malicious software. These campaigns typically involve injecting malicious code into a website, which then displays a popup message urging users to update their web browser. Clicking on the provided link usually results in downloading malware, such as […]
From Privacy to Exfiltration: Telegram’s Role in Website Malware
Telegram, a name synonymous with secure messaging, has paradoxically become a tool for cybercriminals who abuse the strengths of the platform to target unsuspecting websites. This popular messaging platform, once known for its commitment to user privacy and security, is now being used in ways its creators never intended: a conduit for controlling malware-infected websites. […]
WordPress Vulnerability & Patch Roundup May 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
How to Fix the NET::ERR_CERT_DATE_INVALID Error
Encountering the NET::ERR_CERT_DATE_INVALID error can be frustrating, but it’s important to address it promptly to ensure your website remains secure and trustworthy. This error typically indicates an issue with your website’s SSL/TLS certificate, which is essential for encrypting data and ensuring a secure connection between your website and its visitors. When this error occurs, users […]
Server Side Credit Card Skimmer Lodged in Obscure Plugin
Attackers are always finding new ways to inject malware into websites and new ways to obscure it to avoid detection, but they’re always up to their same old tricks. In this post, we’ll explore how attackers are using a very obscure PHP snippet WordPress plugin to install server-side malware to harvest credit card details from […]
What is HTTP 504 Gateway Timeout & How to Fix It
Website errors can be extremely frustrating, and one that often appears is the 504 Gateway Timeout error. This error occurs when an upstream server fails to complete your request within a specified time frame. For visitors, this can be an aggravating experience, and can negatively impact your website conversions and revenue. Typically, 504 errors arise […]
What is HTTP Error 502 Bad Gateway & How to Troubleshoot It
Website errors can be a real test of patience. One common culprit is the 502 bad gateway error. Known for its ubiquity across the web, it doesn’t discriminate between small WordPress sites or well-known services like Gmail, Twitter, or Instagram. You may encounter a 502 Bad Gateway error when a server upstream (i.e. one closer […]
What is HTTP Error 429: Too Many Requests
Encountering the HTTP Error 429 can be frustrating for both website owners and users. Error 429 is an HTTP status code indicating that a user has sent too many requests in a given amount of time. Websites and servers implement rate limiting to manage their resources efficiently and ensure equitable access for all users. In […]
