Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is Bitcoin using black hat SEO? Is their site malicious? As you can see, the hacked website doesn’t redirect to bitcoin.org directly. It first redirects to “194 .6 .233 .7/mxjbb . cgi?default“, whichRead […]
Tag Archives: Website Security
My Website Was Blacklisted By Google and Distributing Email Spam
Being blacklisted is one of the worst things that can happen to a website. The public shame coming from every visitor being stopped by the Big Red Warning page can literally destroy any online business, I am speaking from personal experience before joining the Sucuri team. When a website is blacklisted, users are unable toRead […]
Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins
Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress. The official WordPress Official Documentation (Codex) for these functions was not very clear and misled many plugin developers toRead […]
Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!
The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more than two months since the release and still more than 50% of all the Magento installations have not been patched, leaving them open to attacks. This means hundreds of thousands of websites areRead […]
Website Firewall – Critical Microsoft IIS vulnerability (MS15-034)
Microsoft just disclosed a serious vulnerability (MS15-034) on their Web Server IIS that allows for remote and unauthenticated Denial of Service (DoS) and/or Remote Code Execution (RCE) on unpatched Windows servers. An attacker only needs to send a specially crafted HTTP request with the right header to exploit it. That’s how serious it is. RCE is usedRead […]
Impacts of a Hack on a Magento Ecommerce Website
Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience In this post, I’ll show you how a hacked website results in almost immediate loss of money. We are not talking about drive-by infections that can be prevented by using a goodRead […]
How To Create a Website Backup Strategy
We’ve all heard it million times before – backups are important. Still, the reality is that even today, backups remain one of the most overlooked and under-utilized precautions we can take to protect our vital data. Why are backups so important Put simply, a good set of backups can save your website when absolutely everythingRead […]
Website Malware – The SWF iFrame Injector Evolves
Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties […]
Intro to E-Commerce and PCI Compliance – Part I
Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do you really understand what it means for you and your online business? In this series, we will try to explain the PCI standard and how it […]
WordPress Malware Causes Psuedo-Darkleech Infection
Source: The National Archives (UK) Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to add hidden iFrames to certain responses. It’s difficult to detect because the malware is only active when both server and site admins are not logged in, and the iFrame is […]