Archive For: Anti-Virus Anti-Malware
-
December 7, 2017
Categories:
-
Recently, a webmaster contacted us when his AVG antivirus reported that the JS:Miner-C [Trj] infection was found on their site. Our investigation revealed a hidden iframe had been injected into the theme’s footer.php file: <iframe src=”hxxps://wpupdates.github[.]io/ping/” style=”width:0;heigh:0;border:none;”></iframe> When we opened the URL in a browser, the page was blank. After checking the HTML source code,... Read More
-
December 6, 2017
Categories:
-
Update Dec. 8 2017: The cloudflare[.]solutions domain has now been taken down. A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In reality, this script loaded a CoinHive cryptocurrency miner from a third-party server. We also mentioned a post written back in... Read More
-
November 24, 2017
Categories:
-
On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are used together on a single WordPress installation. Over the past couple of weeks, we’ve noticed a large influx in the number of malicious requests testing for the presence of the... Read More
-
November 22, 2017
Categories:
-
Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also busy infecting ecommerce websites with malware, such as: Credit Card Swipers Malicious Payment Gateways Malware Downloads Now is the time when attackers target those last-minute shoppers buying products online. Over... Read More
-
November 21, 2017
Categories:
-
Today we are announcing that our company name is changing to Defiant Inc. Over the past 5 years we have grown significantly and have expanded beyond WordPress. As a security organization, we now have a stable of products and services to offer our customers. To reflect this change, we are changing the name of the... Read More
-
November 16, 2017
Categories:
-
Vulnerabilities have been reported in the Formidable Forms, Duplicator and Yoast SEO WordPress plugins. The Premium version of Wordfence protects against all of these vulnerabilities, even if you have not updated your plugins yet. We do recommend that you update immediately, whether or not you are using the Premium version of Wordfence. The details of... Read More
-
November 15, 2017
Categories:
-
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns to capitalize on the profits. In past years, targeted Cyber Monday phishing emails posed a huge risk to consumers. These emails, designed to appear from... Read More
-
November 15, 2017
Categories:
-
This is the fifth installment in a new series we started last month called Ask Wordfence. You can access previous posts here. Today’s question comes from Brooke in Harrisonburg: When I see IPs blocked by firewall, or blocked for trying to log in, is there a benefit to permanently blocking them, one by one, or is... Read More
-
November 13, 2017
Categories:
-
During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the proper conditions are met, this vulnerability is very easy to abuse by any visitors on the victim’s website. Because details about this vulnerability have been made public today on... Read More
-
November 8, 2017
Categories:
-
You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize the opportunity of stealing your valuables. That’s the same way you can look at website hacking. Leaving your website unprotected is like establishing an open-door policy with hackers, giving them... Read More
Tap To Call