SOC Incident Toolkit
Back to Campaigns
 WordPress Under Siege: The Expansive Reach of Balada Injector Malware

WordPress Under Siege: The Expansive Reach of Balada Injector Malware

BaladaInjectorWordPressSecurityMalwareCampaignWordPressMalwareHackingPrevention

Balada Injector is a significant and persistent malware campaign that primarily targets WordPress websites. Active since 2017, this campaign has infected over a million WordPress sites. Its main strategy involves exploiting vulnerabilities in WordPress themes and plugins, employing various techniques for this purpose.

Indicators of Compromise

Domains (285)

indolian.comcore-me.computtraffic.comtrustfidel.comaxtwelding.commadputl.comswoonwastan.sitelittlereaderslibrary.comhostigram.xyzgiantttraffic.comfriendsfpt.comae14.cr4-atl2.ip4.gtt.netfollowmyfirst1.comgabriellalovecats.comstablelightway.comride1atv.comimporttraffic.comgoldenmoviesawards.comstatisticscripts.commakesomethird3.com+265 more

Hashes (177)

d82562a1db289dff5085aee93a4a1bf572ee1ade364205e146a42667e02404d334e60c6428c744f8e889f94714d011f59e67920a697aec4c1fcb9bc56e12e08424bf069e9f2a1f12aefa391674ed82059386b0aa8e104cc58e62de0eab837ac09b01d30e85f79045cc1803fa2ef4eafbdbd41e8d8eedc01c11b251481dec59e5308dccc3a9c49e26fdf35630e97459d3c90b5c75178bbad195ccafeac734b1050c3c7843fadb011bcecdd3919242b4019d0746772ac48ce62637a76d2702f070c54770f5bc3bd5bdb673d1d797d7519bf8ba20d24074192577ad6e3ff909ad3828bdcffd4720deace900fc6e22a00ab2c1a3e3820978a916ecb33529c1cf7915d2ad6e4c484bbdb365a73b946adeca7edc624d85c9af02b3d607e1e65df2580a32fb143b9c40fc7f68e71e6aac9230343ede8888453040a8b1b6c5170e65f271d4434aa82b65d2c071b1e17a2aa5eb3f0c6b51671ad2a1bc705042152c4ab74db3e15d4e5a68d0d83e61d78edc1801b5afbbe0a071b9d4139e9e3ee0b84d775cf5de9234ec178e4a94c5c459f0c6e8ad3bffc977ba20b116b4d9d88eab4736b0db10e29ce9a9b312a987665e752974c3a3bf1982f827c7f26f7e25d4c85b76b0a102f76dd2e9b5fa71d6f9e599fccc63879a666b3d019d61d8e68101d51fd2852a15c1e8ccbe3f2091309eb635107bf9a3571eb2e7dac18b726deb4b574afcec719331221014fefc45e623e57ff81468b21fcbc186fa7f448be48a40f61828af9c24ac16074c61d465a65678+157 more

IPv4 (95)

149.34.253.1498.42.207.81194.87.31.188185.39.206.160194.195.84.1032.59.222.119185.17.0.7464.225.105.5637.220.87.837.75.98.113185.215.113.206185.215.113.9846.173.223.84199.188.204.24564.190.63.111141.98.6.20387.236.146.9379.141.174.253179.43.155.137185.180.196.9+75 more

CVEs (3)

CVE-2021-27878CVE-2021-27876CVE-2021-27877

Notes

<span id="docs-internal-guid-933fabdb-7fff-b1b1-4b01-43724b8c2553"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Vulnerability Management:</span></p></span><span id="docs-internal-guid-933fabdb-7fff-b1b1-4b01-43724b8c2553"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">CONCLUSION</span></p><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Enhancing Website Security with SOCRadar:</span></p><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">In an ever-evolving landscape of cybersecurity threats, SOCRadar stands at the forefront of safeguarding your digital assets, particularly your website. Our comprehensive threat detection and response platform offer a range of solutions to address the challenges highlighted in recent observations.</span></p><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Continuous Threat Monitoring:</span></p><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 12pt; font-family: Roboto, sans-serif; color: rgb(55, 65, 81); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;" role="presentation"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">SOCRadar provides continuous monitoring on dark web and&nbsp; threat actor groups.&nbsp; Update you with their latest tactics, techniques and procedures.&nbsp;</span></p></li></ul></span><span id="docs-internal-guid-933fabdb-7fff-b1b1-4b01-43724b8c2553"><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 12pt; font-family: Roboto, sans-serif; color: rgb(55, 65, 81); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;" role="presentation"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Keeping your CMS applications, plugins, and themes up-to-date is crucial. SOCRadar assists organizations in identifying and managing vulnerabilities. Our platform provides timely alerts and actionable recommendations for applying critical security patches and updates.</span></p></li></ul><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">User Account Security:</span></p><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 12pt; font-family: Roboto, sans-serif; color: rgb(55, 65, 81); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;" role="presentation"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">We understand the significance of user account security. SOCRadar monitors user accounts and databases in data breach sources, underground hacker forums and channels for data leak and suspicious activities. </span></p></li></ul><div><span id="docs-internal-guid-36a4926b-7fff-ec0f-9cbb-a80f40074d44"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Threat Intelligence and Trend Analysis:</span></p><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 12pt; font-family: Roboto, sans-serif; color: rgb(55, 65, 81); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:15pt;margin-bottom:15pt;" role="presentation"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">SOCRadar provides valuable threat intelligence feeds and insights into emerging trends and attack vectors. We keep you well-informed about the latest threats, empowering you to take proactive security measures.</span></p></li></ul><p style="line-height:1.38;margin-top:15pt;margin-bottom:0pt;"><br></p><div><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;"><br></span></div></span></div></span>

Mitigation

<b>MITIGATIONS</b><div><span id="docs-internal-guid-fc300b57-7fff-aae7-5c84-3e75efdb37d3"><h2 style="line-height: 1.44; margin-top: 0pt; margin-bottom: 4pt;"></h2><div style="margin-left:2.25pt;" align="left"><table style="border:none;border-collapse:collapse;"><colgroup><col><col><col></colgroup><tbody><tr style="height:37.75pt;"><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dee2e6 1.5pt;border-top:solid #dfdfdf 0.75pt;vertical-align:bottom;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;text-align: center;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 12pt; font-family: Arial, sans-serif; color: rgb(33, 37, 41); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">ID</span></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dee2e6 1.5pt;border-top:solid #dfdfdf 0.75pt;vertical-align:bottom;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;text-align: center;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(33, 37, 41); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Mitigation</span></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dee2e6 1.5pt;border-top:solid #dfdfdf 0.75pt;vertical-align:bottom;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;text-align: center;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(33, 37, 41); background-color: transparent; font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Description</span></p></td></tr><tr style="height:56.5pt;"><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dee2e6 1.5pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(79, 124, 172); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">M1040</span></a></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dee2e6 1.5pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(79, 124, 172); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Behavior Prevention on Endpoint</span></a></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dee2e6 1.5pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(33, 37, 41); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Some endpoint security solutions can be configured to block some types of process injection based on common sequences of behavior that occur during the injection process. For example, on Windows 10, Attack Surface Reduction (ASR) rules may prevent Office applications from code injection. </span><a href="https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(79, 124, 172); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">[78]</span></a></p></td></tr></tbody></table><span id="docs-internal-guid-70b4ca10-7fff-1807-c03c-deb6e12637fc"><h2 style="line-height: 1.44; margin-top: 0pt; margin-bottom: 4pt;"></h2><div style="margin-left:2.25pt;" align="left"><table style="border:none;border-collapse:collapse;"><colgroup><col><col><col></colgroup><tbody><tr style="height:69.25pt;"><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dfdfdf 0.75pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(79, 124, 172); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">M1026</span></a></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dfdfdf 0.75pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(79, 124, 172); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Privileged Account Management</span></a></p></td><td style="border-left:solid #dfdfdf 0.75pt;border-right:solid #dfdfdf 0.75pt;border-bottom:solid #dfdfdf 0.75pt;border-top:solid #dfdfdf 0.75pt;vertical-align:top;background-color:#f2f2f2;padding:5pt 5pt 5pt 5pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(33, 37, 41); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Utilize Yama (ex: /proc/sys/kernel/yama/ptrace_scope) to mitigate ptrace based process injection by restricting the use of ptrace to privileged users only. Other mitigation controls involve the deployment of security kernel modules that provide advanced access control and process restrictions such as SELinux, grsecurity, and AppArmor.</span></p></td></tr></tbody></table><br></div><div style="margin-left:2.25pt;" align="left"><span id="docs-internal-guid-a5ae2a39-7fff-568a-10e1-fa4d540fe240"><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Patch Management and Software Updates: Organizations should implement a comprehensive patch management program to ensure that all software and operating systems are updated with the latest security patches. This helps mitigate the risk of exploitation by threat actors like the Balada Injector Group.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Security Awareness Training: Employees should be educated about phishing and social engineering techniques to recognize and avoid malicious emails and websites. Regular security awareness training can help reduce the risk of successful phishing attacks.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Remove any unnecessary or unused plugins and themes from your Wordpress website. This will reduce the potential attack surface and minimize the risk of exploitation.<br></span></li></ul></span><span id="docs-internal-guid-a5ae2a39-7fff-568a-10e1-fa4d540fe240"><ul style="margin-top:0;margin-bottom:0;"><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Make sure to update all themes and plugins to their latest versions. Regular updates often include security patches that can help protect your website from known vulnerabilities.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Check for any unauthorized or suspicious administrator accounts and remove them from your WordPress installation.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Ensure that your website's database and all user passwords are strong, unique, and secure. Changing passwords regularly can help prevent unauthorized access.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Regularly scan your website for any signs of malicious code or backdoors, and remove them promptly if detected.</span></p></li><li style="list-style-type: disc; font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space: pre;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" role="presentation"><span style="font-size: 11pt; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Consider implementing a web application firewall (WAF) to provide an additional layer of protection against common web-based attacks</span></p></li></ul></span></div></span></div></span></div>