• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login
cPanel Password Reset Vulnerability

January 19, 2021Rodrigo Escobar

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of these patterns allows us to deploy better and faster solutions to our customers, minimizing impacts from massive attacks. Recently during…

Read More about Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

Phishing Campaign

January 14, 2021Luke Leal

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our…

Read More about Real-Time Phishing Kit Targets Brazilian Central Bank

Troldesh Ransomware Dropper

January 12, 2021Luke Leal

Obfuscation Techniques in Ransomweb “Ransomware”

As vital assets for many business operations, websites and their hosting servers are often the target of ransomware attacks — and if they get taken offline, this can cause major…

Read More about Obfuscation Techniques in Ransomweb “Ransomware”

January 7, 2021Luke Leal

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of…

Read More about Evaluating Cookies to Hide Backdoors

January 5, 2021Ben Martin

Bogus CSS Injection Leads to Stolen Credit Card Details

A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost always a telltale sign that…

Read More about Bogus CSS Injection Leads to Stolen Credit Card Details

December 29, 2020Mohit Jawanjal

SEO Spam Links in Nulled Plugins

It’s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and…

Read More about SEO Spam Links in Nulled Plugins

Labs Note

December 17, 2020Krasimir Konov

The Dangers of Using Abandoned Plugins & Themes

It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website was exhibiting malware-like behavior and…

Read More about The Dangers of Using Abandoned Plugins & Themes

Lightbox Adware - From Innocent Scripts to Malicious Redirects

December 15, 2020Cesar Anjos

Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques…

Read More about Why You Should Monitor Your Website

Labs Note

December 10, 2020Krasimir Konov

Malware Dropper Takes Advantage of COVID-19 Pandemic

Since April, our team has been tracking the spread of a PHP malware dropper. It’s impacting unsuspecting victims who thought they were downloading a mapping software to monitor the spread…

Read More about Malware Dropper Takes Advantage of COVID-19 Pandemic

Labs Note

December 8, 2020Douglas Santos

Fake WordPress Functions Conceal assert() Backdoor

A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting. Among 246 other lines, this…

Read More about Fake WordPress Functions Conceal assert() Backdoor

Labs Note

December 4, 2020Luke Leal

Obfuscation Techniques in MARIJUANA Shell “Bypass”

Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This also extends to malware like…

Read More about Obfuscation Techniques in MARIJUANA Shell “Bypass”

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.