Tag: backdoor

cyberattacks 2018

What Website Owners Need to Know About Cyberattacks In 2018

Imagine if one in every 15 websites you visited was secretly taken over by cybercriminals trying to steal your credit card information or other personal data. Now imagine if that website was your website, and you had no idea it was harming your visitors. This is the reality for many website owners, and now more than ever, they  need to be on alert for cyberattacks in 2018.

In Q3 2017, SiteLock discovered alarming cybercrime trends that will likely affect websites for months to come. The most worrying trend for website owners: cybercriminals are increasingly using malware, or software that is used for malicious purposes, to take advantage of website visitors. In fact, nearly 15 percent of malware attacks targeted website visitors with the goal of exploiting them for sensitive data, website traffic, and other assets or resources. That’s not all: cybercriminals attempted to compromise more websites in Q3 2017 than in the previous quarter, increasing their attempted attacks by 16 percent

Read More

Website security

Fake Joomla! Plugin Keyscaptcha Still in the Wild

Fake plugins and extensions are a favorite, and particularly sneaky, way to inject malicious content into popular CMS platforms. Fake plugins disguise their malicious intent by mimicking the form and function of legitimate plugins. We will discuss a not-so-well-known fake Joomla! extension, what it does, and what you can do to protect your site from such attacks.

Read More

Remote Code Execution Attempts via REST API Vulnerability

SiteLock Research shield

This article was co-authored by Security Researcher Wyatt Morgan from SiteLock Research.

 

In the continuing saga of the WordPress REST API vulnerability in WordPress 4.7 and 4.7.1, SiteLock has identified that at least one hacker has launched a campaign specifically attempting remote code execution (RCE) on WordPress websites. The attacks aim to take advantage of WordPress websites using plugins that enable PHP to run inside of posts. If successful, the attack injects a line of code that ultimately downloads a series of malicious files from a Pastebin repository. These malicious files are used to install  backdoors and automatically steal information from  websites. When unsuccessful at remote code execution, the attack overwrites existing posts and leaves behind PHP shortcode.

Read More

Powered by WordPress & Theme by Anders Norén