Archive by Author

Mal.Metrica Redirects Users to Scam Sites

One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the part of the victim. It’s another lesson for web users to be careful what they click on, and to be wary of anything suspicious that pops up in their browser […]

WordPress Vulnerability & Patch Roundup April 2024

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]

What is a Zero-Day Vulnerability?

Navigating the world of website security can feel like stepping into a minefield, especially when you have to navigate threats like zero-day vulnerabilities. Zero-days are security flaws that, worryingly, remain hidden from everyone involved — from dev teams and users, to even the most conscientious vulnerability researchers. In this post, we’ll take a look at […]

What is Cookie Hijacking

Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, attackers can impersonate users and gain unauthorized access to private accounts and sensitive data. Given […]

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS

Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The most interesting thing about that malware was how it used dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs. We’ve been tracking this campaign ever since — […]

WordPress Maintenance: Tasks & Best Practices

If you’re managing a WordPress site, it’s crucial to ensure it runs smoothly and securely. Many site owners worry that WordPress maintenance is a complex chore that requires a ton of technical expertise, but that’s not entirely true. This guide is here to show you the steps you can take on your own to help […]

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code — for example, the miscellaneous scripts area of the Magento admin panel, or WordPress plugins such as Custom CSS & JS. Custom script editors are popular with bad actors because they […]

Web Shells: Types, Mitigation & Removal

Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These scripts exploit vulnerabilities like SQL injection, remote file inclusion (RFI), and cross-site scripting (XSS) to gain entry. Once deployed, web shells allow attackers to manipulate the server, leading to data […]

Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS

We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a massive player in ecommerce as well, thanks to the adoption of Woocommerce and other plugins that can easily turn a WordPress site into a fully-featured online store. This popularity also […]

WordPress Vulnerability & Patch Roundup March 2024

Stratusclear.org

Stratusclear Network