Nimbusec Website Security Monitor Issue Types (Short)

Malware

Malware	Malicious code fragments are found on a Web page. Typical examples would be, amongst others, credit card skimmers, crypto miners or tech scams.
SEO-Spam	If changes on a website are detected while acting as 'googlebot' instead of the default browser agent a warning for suspicious behavior is created

Web Shell

Web Shell

ContentApplication

~~owner~~or~~maythe~~

~~Defacement~~CMS Version	~~The~~An ~~visual~~application ~~appearance~~running ofon aan ~~website~~outdated ~~was~~verrsion ~~changed~~has tobeen ~~distribute~~found ~~social, political or just for fun messages to~~on the ~~visitor~~website
~~Content~~CMS ~~Violation~~Vulnerable	~~Changes~~An ofapplication ~~the content of~~with a ~~Web~~possible ~~page~~vulnerability ~~are~~has ~~detected.~~been ~~These~~found ~~change may be intended by~~on the website
CMS beTampered	Core ~~result~~file of aWordPress ~~malicious~~change ~~attack.~~and are only generated by Nimbusec's server agent. However, Nimbusec ~~does~~cannot not distinguish between legitimate and malicious changes.

Reputation

~~Blacklist~~	~~The domain which is subject to review is found on blacklists monitored by Nimbusec~~
~~Suspicious Link~~	Suspicious resources, based on blacklists monitored by Nimbusec, are embedded (but not loaded) on a Web page. A typical example of this type of event would be a link (a-tag) which points to a suspicious domain found in the Nimbusec blacklist.
~~Suspicious Request~~	A suspicious resource, based on blacklists monitored by Nimbusec, is actively loaded by a Web page. A typical example of this type of event would be a JavaScript source which points to a suspicions domain.

TLS

TLS Protocol	Unsafe TLS protocol allowed in configuration
TLS Ciphersuite	Unsafe TLS cipher allowed in configuration
TLS Sigalg	Outdated hash algorithm was used in the creation of the certificate
TLS Notrust	Untrasted root certificate
TLS Hostname	Hostname or alternative name does not match the certificate
TLS Expires	The TLS certificate will expire soon or has already expired
TLS Legacy	Symantec legacy certificate in use
TLS Misconfigured Chain	The received certificate chain was incomplete or misconfigured
TLS Revoked Cert	The certificate was revoked
No HTTPS Redirect	HTTP website does not redirect to HTTPS

ApplicationContent

ownerorbe

~~CMS Version~~Defacement	AnThe ~~application~~visual ~~running~~appearance onof ana ~~outdated~~website ~~verrsion~~was ~~has~~changed ~~been~~to ~~found~~distribute onsocial, political or just for fun messages to the ~~website~~visitor
~~CMS~~Content ~~Vulnerable~~Violation	AnChanges ~~application~~of ~~with~~the content of a ~~possible~~Web ~~vulnerability~~page ~~has~~are ~~been~~detected. ~~found~~These onchange may be intended by the website
~~CMS~~may ~~Tampered~~	~~Core~~the ~~file~~result of ~~WordPress~~a ~~change~~malicious ~~and are only generated by Nimbusec's server agent.~~attack. However, Nimbusec ~~cannot~~does not distinguish between legitimate and malicious changes.

Blacklist

Blacklist

The domain which is subject to review is found on blacklists monitored by Nimbusec

Reputation

Suspicious Link	Suspicious resources, based on blacklists monitored by Nimbusec, are embedded (but not loaded) on a Web page. A typical example of this type of event would be a link (a-tag) which points to a suspicious domain found in the Nimbusec blacklist.
Suspicious Request	A suspicious resource, based on blacklists monitored by Nimbusec, is actively loaded by a Web page. A typical example of this type of event would be a JavaScript source which points to a suspicions domain.

Back to top