Sucuri Security Blog

After many suggestions, we decide to setup a blog to better communicate with our users. Expect updates from http://sucuri.net and some security-related posts from us.

David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

2 comments

http://example.com says:
October 8, 2016 at 11:30 am
“/>
“/>
http://example.com says:
October 8, 2016 at 11:32 am
[click here](javascript:alert(document.domain))

Comments are closed.

Phishing and Malware via SMS Text Message

Krasimir Konov
March 6, 2020

We’ve recently noticed an increase in reports of phishing and malware being distributed via SMS text messages. During one investigation, we identified fake messages sent…

Read the Post

E-commerce Website Security Strategy for Holiday Shopping Season

Ashley Sand
December 10, 2021

As shopping season approaches once again, we’d like to give you some helpful advice when it comes to managing an e-commerce site, and how to…

Read the Post

2020 Website Security Glossary

Art Martori
March 16, 2020

As the online threat landscape continues to evolve, so too does the language we use to describe it. To support a safer internet for everyone,…

Read the Post

JavaScript Malware Switches to Server-Side Redirects & Uses DNS TXT Records as TDS

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS

Denis Sinegubko
April 18, 2024

Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The…

Read the Post

Fake Google reCAPTCHA Used in Bank Phishing

Website Security

Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware

Luke Leal
February 21, 2019

The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation These online phishing campaigns impersonate a…

Read the Post

WooCommerce Credit Card Skimmer Reveals Tampered Plugin

Ben Martin
March 21, 2023

Disclaimer: The malware infection described in this article does not affect the software plugin as a whole and does not indicate any vulnerabilities or security…

Read the Post

Sucuri WordPress Plugin Updates for 2024

Rianna MacLeod
March 13, 2024

At Sucuri, we believe in making the internet safe for everyone. One way we show this is through our free WordPress security plugin. The Sucuri…

Read the Post

WordPress Vulnerability & Patch Roundup December 2022

Rodrigo Escobar
December 28, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

Read the Post

Backdoors: The Hidden Threat Lurking in Your Website

Kyle Knight
January 17, 2025

Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a…

Read the Post

Experience + Technology: How We Clean Infected Websites at Sucuri

5 Tips for Long-Term Remote Workers

Allison Bondi
October 6, 2021

If you’ve just started remote working, are remote-curious, or are transitioning into a permanently remote position, these tips can help you find success working…

Read the Post

2 comments

Related Categories

You May Also Like