Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our clients … [Read more...]
Phishing Attacks Target Ecommerce Checkout Pages
Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where … [Read more...]
200k+ Parked/Expired Domains Used to Distribute Malicious Ads
Recently we wrote about domain renewal scams that used real paper letters to tricks site owners into transferring their domains and renewing them for 3-4x the … [Read more...]
WordPress Redirect Hack via Test0.com/Default7.com
We’ve been working on a few WordPress sites with the same infection that randomly redirects visitors to malicious sites via the default7 .com / test0 .com / … [Read more...]
Massive Admedia/Adverting iFrame Infection
This past weekend we registered a spike in WordPress infections where hackers injected encrypted code at the end of all legitimate .js files. The distinguishing … [Read more...]
Hacked Websites Redirect to Bitcoin.org
Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is … [Read more...]
Why A Free Obfuscator Is Not Always Free.
We all love our code but some of us love it so much that we don’t want anyone else to read or understand it. When you think about it, that’s … [Read more...]
Malvertising on a Website Without Ads
When you first configure your website, whether it be WordPress, Joomla, Drupal, or any other flavor of the month, it is often in its purest state. Unless … [Read more...]
Typos Can have a Bigger Impact Than Expected
Have you ever thought about the cost of a typo? You know what I mean, a simple misspelling of a word somewhere on your website. Do you think there’s a risk in … [Read more...]
The Dangers of Hosted Scripts – Hacked jQuery Timers
Google blacklisted a client’s website claiming that malicious content was being displayed from “forogozoropoto(dot)2waky (dot)com”. A scan … [Read more...]