With the proliferation of Infrastructure and Platform as a Service providers, it is no surprise that a majority of today’s websites are hosting in the proverbial cloud. This is great because it allows organizations and individuals alike to quickly deploy their websites, with relatively little overhead on their own infrastructure/systems. While there are so manyRead […]
Tag Archives: Website Security
BIND9 – Denial of Service Exploit in the Wild
BIND is one of the most popular DNS servers in the world. It comes bundled with almost every cPanel, VPS and dedicated server installation and is used by most DNS providers. A week ago, the Internet Systems Consortium (ISC) team released a patch for a serious denial of service vulnerability (CVE-2015-5477) that allows a remoteRead […]
Malicious Google Analytics Referral Spam
Robots (bots) have outnumbered people on the Internet for almost two years, and they browse much faster than your average visitor. Aside from spamming your comment systems and crawling for vulnerable websites to attack, bots can also cause a lot of confusion in your website traffic reporting systems. If you use analytics software on yourRead […]
Webutation Distributing Malware Through Safety Badge
If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirects hidden within the badge’s code. We were analyzing a website that was compromised and redirecting visitors to bogus apps on the Apple App Store and the Google PlayRead […]
Common Website Security Terminology Defined
If you want to keep your website safe, it is important to understand the terminology used to describe the causes and effects of hacks. Software vulnerabilities and access control issues are two of the main causes of website infections, and in this post we will define some of the terminology used to describe them. WeRead […]
Magento Platform Targeted By Credit Card Scrapers
We’ve been writing a lot about E-Commerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more important it will be to talk about it. We live in an online world where a single mistake can lead to catastrophic results; that impact isRead […]
Websites Hacked Via Website Backups
The past few months we’ve been spending a good deal of time talking about backups. This is for good reason, they are often your safety net when things go wrong; interestingly enough though, they are often the forgotten pillar of security. It’s why we spent some time thinking through what a good backup strategy mightRead […]
10 Tips to Improve Your Website Security
In recent years there has been a proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joomla!, Drupal and so many other allow business owners to quickly and efficiently build their online presences. Their highly extensible architectures, rich plugin, module, extension ecosystem have made it easier thanRead […]
SweetCAPTCHA Service used to Distribute Adware
SweetCaptcha is free CAPTCHA service that offers to match sweet-looking images instead of making you recognize distorted digits and characters. It has integration with many website platforms: pure PHP, WordPress (10,000+ plugin installs), Drupal, Joomla, ModX, .NET, JavaScript, and even offers an API that can be used on other platforms. So far so good. MaliciousRead […]
Your Website Hacked but No Signs of Infection
Imagine for a moment, you have a suspicion that you have somehow been hacked. You see that something is off, but you feel as if you are missing something. This is the emotionally draining world that many live in, with a paranoia and concern that grips you once you see and recognize that something is not right.Read […]
