First, I'd like to compliment Sucuri on a fine, detailed analysis of the Sign1 Malware.   Kathy Zant has also analyzed this on her YouTube channel.   A quick recap first, in the unlikely...

Sometimes, while determining root cause of a website infection, we see many new methods. However, recently we've been seeing the same old tactics hackers have been using for years.   A recent...

Introduction  WordPress Security is full of myths that have no basis in reality or data. A particularly pervasive one is the unsubstantiated claim that “95% of WordPress hacks are due to outdated...

Many people have received notifications from their cloud server provider indicating their server's IP address has been reported as attacking other websites.   We Watch Your Website's services have been used frequently...

In the past 30 days we’ve seen a new attack vector on WordPress websites - management consoles.   First, a disclaimer. The infections discussed here are NOT the result of faulty programming...

Okay, WordPress people, check this out by Brian Krebs:   https://krebsonsecurity.com/2022/01/crime-shop-sells-hacked-logins-to-other-crime-shops/   What's important to note is this:   "One example is Genesis Market, where customers can search for stolen credentials and authentication cookies from a...