Month: February 2020

Gorgon Group Grows More Sophisticated

New research has revealed that the threat group behind the cryptocurrency-stealing MasterMana botnet has grown increasingly sophisticated and is now trapping victims through spoofed login portals.

How PHP’s Labyrinth Weaponized WordPress Themes for Profit

New findings from Prevailion’s Tailored Intelligence team indicate the rapid expansion of a series of supply chain attacks that transform installations of the popular WordPress content management system into hosts for a malicious advertising network. More than 20,000 web servers have been identified as compromised in this campaign. WordPress has grown to become the backbone […]

Free, trojanized WordPress themes lead to widespread compromise of web servers

Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion researchers have discovered.

WordPress botnet deploys anti-adblocker script to make sure its spammy ads are profitable

A threat actor has infected more than 20,000 WordPress sites by running the same trick for at least three years: distributing trojanized versions of premium WordPress themes and plugins.

PHP’s Labyrinth – Weaponized WordPress Themes & Plugins

Authors: Danny Adamitis and Matt Thompson

Overview: Prevailion’s Tailored Intelligence team has followed an active supply chain attack that has been ongoing since late 2017; we named this campaign “PHP’s Labyrinth.” In this operation, threat actors have been able to surreptitiously install malicious files into a large number of Premium WordPress Themes and Plugins. We assess […]

Indicators of Compromise are Dead — Introducing Evidence of Compromise

The mission of Evidence of Compromise is simple: empower companies to audit and continuously monitor the security of their supply chains to an unprecedented degree, with the possibility of even predicting future breaches based on this real-time intelligence. Current methods of cyber risk management, incident response and risk modeling have failed to keep up with the growing […]
