Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious…
Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a fake component which was masquerading as a legitimate plugin. Named SiteSpeed, it contained a lot…