Fake plugins and extensions are a favorite, and particularly sneaky, way to inject malicious content into popular CMS platforms. Fake plugins disguise their malicious intent by mimicking the form and function of legitimate plugins. We will discuss a not-so-well-known fake Joomla! extension, what it does, and what you can do to protect your site from such attacks.
Category: Malware (Page 2 of 5)
Websites experience 22 cyberattacks per day on average. That’s more than 8,000 attacks per year, per website. You might assume the majority of these attacks are aimed at eCommerce sites because they accept and store credit card information, but actually, the eCommerce sector accounts for only one percent of compromised websites.
Who works 24/7? Not you, I hope – but hackers around the globe are busy trying to compromise systems 24 hours a day, seven days a week. “Next-gen” is not just a convenient marketing term, it is very accurate label for new types of threats and new types of solutions designed to counter those threats.
The basic nature of PC and server (aka “endpoint”) security and threats to same had not changed in many years. For years, the enemy would be the rogue program (.EXE) or Word macro that would find its way on to our system and either destroy our data or perhaps surreptitiously take control of our system either to steal our data or add our system to its army of drones – or both.
The traditional endpoint security solution would rely on its researchers to learn the digital fingerprints – usually referred to as the signature – of the virus. Upon detection, the entire offending program or macro would be isolated (quarantined) and, ultimately, deleted.
Can you tell the difference between the two ads below?
Advertisement A Advertisement B
They may appear to be identical, but actually, they are far from it. Advertisement A is a perfectly legitimate ad, while Advertisement B contains malware.
Advertisement B is an example of malvertising, or malicious advertising. Malvertising is a hack cybercriminals use to spread malware via online advertisements. As you can see, malvertisements are deceiving and the damage can go beyond your website by infecting your computer with malware.
Searching for content within a database can be a little trickier than searching files, but the options are pretty similar. Following up on last week’s blog titled, “How to Look for Malware in your Website Files” we talk about how to look for malware in databases and what types of things you should be looking for.
It can come as quite a surprise when a site owner is notified that their site has been compromised with malware. After the shock wears off, and the immediate impact understood, it’s important to take stock of what has actually happened behind the scenes and then clean it up. The best advice anyone can give you is to make frequent, downloaded backups of your site in the event something happens to the live version so that the clean backup can replace the live, hacked version.
But what if there is no clean, viable backup available? In a world where websites have hundreds, if not thousands of files, how can any one person go about cleaning out an infection in just a small number of those files? In this two part series, we’ll talk about how to look for malware in both files and databases and give a couple examples of what to be on the lookout for.
Search engine spam, more frequently known as SEO spam, is a technique used to manipulate rankings in a way that is not allowed by search engine terms of service.
This week we’ll take a look at an interesting SEO spam campaign that recently came across the SiteLock research desk. Turkish escorts are apparently big business and we had the opportunity to dig a bit into the makings of a malicious Turkish escort spam campaign.
Malware, short for malicious software, is typically installed on a website by cybercriminals. Malware is a broad term that refers to a variety of malicious programs. It can spread viruses, steal personal or financial data and even hijack computers. Read our infographic to learn about the different types of malware.
When you think of websites being infected with malware, what types of sites come to mind? Pharmaceutical sites, porn sites or sites that bombard you with pop-up ads? While these sites could very well be malicious, you’re actually more likely to run into malware while visiting one of your typical, everyday e-commerce or news sites. Today, 75 percent of legitimate websites are at risk of malware. Malware, also known as malicious software, is designed to harm a website and its visitors.
Bots represent over 60 percent of all website traffic. This means that the majority of your website traffic could be coming from Internet bots, rather than humans. A bot is a software application that runs automated tasks over the Internet. Bots can be put into two categories, “good” and “bad.” Good bots visit websites to perform jobs, like search engine crawling, website health monitoring and website vulnerability scanning. Bad bots perform malicious tasks such as, DDoS attacks, website scraping and comment spam.