Website Security News
When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase the chances of reinfecting the site and maintaining access for as long as possible. Our…
Earlier this week we wrote about how to use command line tools to back up your website. Check out our previous article for details on how we create these backups….
Read More about How to Restore Website Backups from the Command Line
Creating website backups should be one of the most important recurring tasks for a website administrator, and yet backups are often forgotten when thinking about website security. Creating backups using…
Read More about How to Create Website Backups Using Command-line Tools
I have a website. Sweet! What happens next? Well, it’s a natural question. I had a brilliant idea and purchased a domain name, but what do I do next? Storks…
Read More about Setting Expectations For Your Website Security
Backdoors are found in 72% of infected websites, according to our latest reports. Backdoors are files left on the server by attackers in order to retain access to your site and…
Read More about Register My Backdoor – Unorthodox Invocation Mechanisms
This month, our Malware Research and Incident Response teams wrote about redirects that deliver malware and ads to visitors, as well as a backdoor method that attempts to hide from…
If you suffer multiple reinfections and your site is one of many in an account, the odds are high that you’re suffering from cross-site contamination. Cross-site contamination is when a…
Read More about What is Cross-Site Contamination and How to Prevent it
PHP contains an interesting but rarely used feature called Phar, which stands for PHp ARchive, that allows developers to package entire applications as a single executable file. It also boasts…
Read More about Code Injection in Signed PHP Archives (Phar)
Drupal is an open-source content management system and website builder with a unique structure that allows it to be highly flexible and extendible. For these reasons and more, it’s favored…
Read More about New Guide on How to Clean a Hacked Drupal Sites
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each…
Read More about Evolution of Conditional Spam Targeting Drupal Sites
As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues. While working on the WordPress plugin WP…
Read More about SQL Injection Vulnerability in WP Statistics
