When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these are not the only methods that attackers use to obfuscate code. Obfuscation via Predefined PHP…
Online bad actors tend to take advantage of tragedy for their own gain – and the coronavirus is no different. While we would hope that cybercriminals would be sympathetic during a global health crisis, it already appears this may be…
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to the security of website owners. Some vulnerable sites may still…
Have you ever seen a website advertising products that seem unrelated to the apparent purpose of the site? Often, this suspicious content is promising pharmacy drugs, available quickly and without a prescription. That’s a classic example of a pharma hack.…
To better understand the difference between website malware and vulnerabilities, imagine your online property is a brick-and-mortar structure. You’d want to keep safe from burglars, so you take measures to protect your house, like locked doors and windows, and installing…
Perhaps the best way to dive into the subject of finding and removing SEO spam on WordPress is with a quick experiment — probably one you’ll want to conduct at a private location. Run a Google search with the terms…
It’s a day every website owner fears. You open the website you’ve poured your time, energy, and money into, only to find your home page looking very different. After your stomach sinks and you take a long gasp, you’ll likely…
We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot. What was especially frustrating for the website owner was that these spammy links were not being…