As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides valuable lessons for the future. With that thought in mind, we asked our researchers to…
How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about, some older ones that I don’t really use, and maybe a dev site that could…
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days, the majority of popular content management systems are 100% free: WordPress, Magento, Joomla, Drupal, etc.…
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to spread dangerous malware like Emotet to end user victims. Emotet Threat First off, what is…
Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal of the attackers. In the first post of this series, we have explained how to…
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November into the first week of December. As consumer behavior changes…
While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer of complexity to the process which deters some bad actors from incorporating into their attack.…
A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws. While a WAF helps protect against threats over HTTP/HTTPS, the website can still be hacked…