Hardening is the process of securing a website or system against known security weaknesses or potential issues to reduce the attack surface. The more functions or features a website has, the more potential points of entry an attacker has to…
DDoS attacks are a growing threat for websites. But do you know how to mitigate them in their tracks? We’ll cover some essential fundamentals on stopping a DDoS attack and preventing them from happening in the future. Specifically, as a…
We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that the site had been infected with a credit card skimmer loading JavaScript from the malicious…
Why Should You Audit Your Website for Security? Most hacks and cyber attacks happen because of poor security practices. The first step you can take to improve your online security is knowing exactly what’s installed on your website. Having a…
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always changing. Likewise, the tools used by bad actors are also…
During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files, along with the creation of “bak.bak” index files peppered around…
As part of our commitment to the website security community, we want to know the true impacts of a website compromise from the owner’s perspective. If you are a business that has dealt with any type of website attack, your…
A malicious PHP script, aptly given the name “Magento Killer” by its creator(s), has been found targeting Magento websites. While it doesn’t actually kill the Magento installation, it does allow the attacker to modify data in the core_config_data table of…