Ransomware has been one of the scariest topics in cybersecurity for years – and for good reason. Living up to its name, ransomware is a type of malware where a bad actor blocks access to data or applications until payment is received. In other words, it turns hackers into kidnappers of your information. And much […]
Tag Archives: Website Security
Spamdexing: What is SEO Spam and How to Remove It
If you’re wondering what is SEO spam, a good way to gain an understanding is finding this wily beast in the wild. In your favorite browser, search with the terms buy viagra cialis. (You might want to check over your shoulder first.) Now, without clicking anything, scroll through the results. Doesn’t it seem odd that […]
Creative Phishing for Digital Gold on RuneScape
RuneScape is an extremely popular massive multiplayer online game. With over 200 million generated accounts, its claim to fame is that it’s one of the largest free MMORPG’s ever created. At the current time of writing, 1 million in-game gold pieces is valued at around $0.60 USD on the black market. The wealthiest players can […]
Fixing “Uncommon Download” Warnings in Google Search Console
Over the past few months, a lot of website owners have received “uncommon download” warnings from Google Search Console. These warnings can be vague, often lacking specific information about where the download is, exactly. Don’t panic — a lot of these seem to be false positives and you can just request a review. Read on […]
Password Attacks 101
One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks around passwords. Let’s take a look at three kinds of password attacks. Brute Force Attacks Brute forcing in its essence is trying many passwords to […]
Hacked Website Threat Report – 2019
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works diligently around the clock to identify, analyze, and protect website owners from compromise. Education is key to protecting yourself […]
Web Swiper in Image Title
Cybercriminals regularly try a variety of approaches to hide their malicious code — web skimmers are well known for using all sorts of obfuscation and masquerading. Suspicious Img Tag Our malware analyst Liam Smith recently discovered a suspicious looking image tag in the database of a compromised Magento site. <img height=”1px” width=”1px” style=”display:none;“ src=”/skin/frontend/smartwave/mango/images/cs_logo_white.png” title=”hxxps://intljs.rmtag[.]net/js/slider.js“ […]
Personal Online Security – Account Management
Continuing a series on how to better strengthen your personal online privacy, we are looking to take personal inventory of how we connect online. These were themes covered during our webinar “Security Beyond Your Website: Personal Online Privacy” and in a Twitter conversation (through the #Digiblogchat weekly forum) on this same topic. The first posts […]
Fake AmeriCommerce Shopping Cart
Our malware analyst Liam Smith recently found malware on a client’s site that targets ecommerce sites powered by AmeriCommerce software. A popular ecommerce software solution that allows users to run multiple carts with a single admin user, AmeriCommerce product pages typically include an HTML form with the information about the item and an Add to […]
Malicious JavaScript Used in WP Site/Home URL Redirects
Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen over two thousand new infected sites since we started tracking this infection. The injection seen below is used […]
