HackDig : Dig high-quality web security articles for hackers

Latest Joomla Exploit ‘CVE-2020-35616’ – Joomla ACL Security Vulnerabilities

Working as a Security Consultant, more often than not, you come across vulnerabilities that are peculiar & at the same time important to be fixed soon. Something of the sort recently happened with me, while looking for new Joomla exploit and attacks in Joomla Security. I came across a vulnerability in Joomla that would give privileges to non-superuser
Publish At:2020-12-26 16:55 | Read:279 | Comments:0 | Tags:Joomla Security News Website Security CVE-2020 Joomla joomla

The 10 Most Common Website Security Attacks (and How to Protect Yourself)

Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals.According to the Data Breach Investigations Report by Verizon, the primary motivation for cyber attackers is financial. Whether you run an eCommerce project or a simple small business website, t
Publish At:2020-12-21 03:02 | Read:288 | Comments:0 | Tags:Cyber Security Featured Articles threat web application atta

SQL Injection Attack And Exploiting SQL Injection Part – 2

In the previous blog, we understood the extreme basics of SQL Injection. But in this, we are going to look for some high-level possibilities of a SQL Injection attack.SQL Injection is one of the most common vulnerabilities encountered on the web and can also be one of the most dangerous. Attackers can inject malicious SQL code in order to extract sensitive i
Publish At:2020-11-18 08:49 | Read:400 | Comments:0 | Tags:Knowledge-base SQL Injection Website Security DNS based exfi

SQL Injection And Exploiting SQL Injection Part – 1

Injection. What is Injection? Injection in simple terms means supplying an untrusted input in the application. This untrusted input then gets interpreted by the interpreter considering it as a part of a command or a query. This modifies the execution of the program.An injection could cause data loss, loss of integrity, denial of service as well as entire sys
Publish At:2020-10-28 17:30 | Read:458 | Comments:0 | Tags:Knowledge-base SecureLayer7 Lab Security Advisory SQL Inject

Website Security Analysis And Signs To Identify Malware

We have all experienced this at some point getting redirected to some entirely random website for absolutely no reason. You may have noticed the unwanted ads that keep on popping up on a site or maybe you are unexpectedly redirected to some completely different site which is not even related with what you are looking for or with some inappropriate content, o
Publish At:2020-05-18 12:33 | Read:687 | Comments:0 | Tags:SecureLayer7 Services Website Security malware security web

Active malware campaign uses thousands of WordPress sites to infect visitors

Attackers have hijacked thousands of websites running the WordPress content management system and are using them to infect unsuspecting visitors with potent malware exploits, researchers said Thursday.The campaign began 15 days ago, but over the past 48 hours the number of compromised sites has spiked, from about 1,000 per day on Tuesday to close to 6,000 on
Publish At:2015-09-18 05:15 | Read:5010 | Comments:0 | Tags:Risk Assessment Technology Lab exploits malware vulnerabilit

Why Protecting Your Magento Ecommerce Website Is So Damn Important

The Market of E-commerce websites is at its peak, as today people love to shop online to save their time. However, E-commerce and financial sites stand first in the rundown of potential victims as they manage financial exchanges.The traditional way to target victims of e-commerce sites is to use targeted "phishing" attacks via social media and emails. But&
Publish At:2015-04-16 11:00 | Read:5866 | Comments:0 | Tags:eCommerce Software ecommerce website templates hacking credi

Website Malware – The SWF iFrame Injector Evolves

Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties infecting both WordPress and Joomla websites. Though it
Publish At:2015-04-02 21:25 | Read:4420 | Comments:0 | Tags:Joomla! Security Website Malware Website Security WordPress

Website Malware – The SWF iFrame Injector Evolves

Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties infecting both WordPress and Joomla websites. Though it
Publish At:2015-04-02 15:10 | Read:4438 | Comments:0 | Tags:Joomla! Security Website Malware Website Security WordPress

Intro to E-Commerce and PCI Compliance – Part I

Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do you really understand what it means for you and your online business? In this series, we will try to explain the PCI standard and how it affects you and your website. We will focus mos
Publish At:2015-04-01 07:05 | Read:4854 | Comments:0 | Tags:Ecommerce Security PCI DSS Website Security pci pci-dss

Intro to E-Commerce and PCI Compliance – Part I

Have you ever heard of the term Payment Card Industry (PCI)? Specifically, PCI compliance? If you have an e-commerce website, you probably have already heard about it. But do you really understand what it means for you and your online business? In this series, we will try to explain the PCI standard and how it affects you and your website. We will focus mos
Publish At:2015-03-31 21:20 | Read:3883 | Comments:0 | Tags:Ecommerce Security PCI DSS Website Security pci pci-dss

WordPress Malware Causes Psuedo-Darkleech Infection

Source: The National Archives (UK) Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to add hidden iFrames to certain responses. It’s difficult to detect because the malware is only active when both server and site admins are not logged in, and the iFrame is only injected once a day (or o
Publish At:2015-03-26 13:15 | Read:3588 | Comments:0 | Tags:Joomla! Security Webserver Infections Website Malware Websit

Why Website Reinfections Happen

I joined Sucuri a little over a month ago. My job is actually as a Social Media Specialist, but we have this process where regardless of your job you have to learn what website infections look like and more importantly, how to clean them. It’s this idea that regardless of you are you must always know the foundation that makes this company work. After a
Publish At:2015-03-24 12:50 | Read:4506 | Comments:0 | Tags:Learn Website Security bad habits best practices reinfection

The Impacts of a Hacked Website

Today, with the proliferation of open-source technologies like WordPress, Joomla! and other Content Management Systems (CMS) people around the world are able to quickly establish a virtual presence with little to no cost. In the process however, a lot is being lost in terms of what it means to own a website. We are failing each other, we are not setting ou
Publish At:2015-03-19 20:50 | Read:4329 | Comments:0 | Tags:Learn Website Hacked Website Security

The Impacts of a Hacked Website

Today, with the proliferation of open-source technologies like WordPress, Joomla! and other Content Management Systems (CMS) people around the world are able to quickly establish a virtual presence with little to no cost. In the process however, a lot is being lost in terms of what it means to own a website. We are failing each other, we are not setting our
Publish At:2015-03-19 14:35 | Read:3687 | Comments:0 | Tags:Learn Website Hacked Website Security

Tools

Tag Cloud