After many suggestions, we decide to setup a blog to better communicate with our users. Expect updates from http://sucuri.net and some security-related posts from us.
You May Also Like
Malicious Backdoor Hidden Inside Fake Image
- July 17, 2017
During an incident response investigation, we detected an interesting backdoor that was hidden in a fake image. The attacker was quite creative in creating an…
Stored XSS in Elementor
- January 29, 2020
During a routine audit of WordPress plugins last december, we discovered a Stored XSS vulnerability in the very popular Elementor Page Builder plugin, which powers…
Fake Volkswagen Campaign Spreads Through Social Networks
- December 7, 2018
We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offering 20 free…
Is My Site Hacked? 4 Gut Checks
- December 3, 2021
The consequences of a hacked site have wide-ranging financial repercussions that extend beyond the cost of cleaning the site. Drop-offs can be anticipated for new…
WordPress Plugin Give – Stored XSS for Donors
- May 15, 2019
Give is a WordPress plugin which allows users to setup a donation page on a website. It currently has 60k installs. During a recent audit…
How to Improve Website Resilience for DDoS Attacks – Part II – Caching
- August 9, 2018
In the first post of this series, we talked about the practices that will optimize your site and increase your website’s resilience to DDoS attacks.…
Sucuri Named December 2018 Gartner Customers’ Choice for Web Application Firewalls
- December 18, 2018
The Sucuri team is excited to announce that we have been recognized as a December 2018 Gartner Peer Insights Customers’ Choice for the Sucuri Firewall.…
Fake Google Domains Used in Evasive Magento Skimmer
- July 25, 2019
We were recently contacted by a Magento website owner who had been blacklisted and was experiencing McAfee SiteAdvisor “Dangerous Site” warnings. Our investigation revealed that…
5 Year Anniversary of the SoakSoak Malware Tsunami
- December 19, 2019
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…
Misuse of WordPress update_option() function Leads to Website Infections
- September 16, 2019
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function…










2 comments
“/>
“/>
[click here](javascript:alert(document.domain))
Comments are closed.