Website Security News
Compromised sites being injected with SPAM SEO is something we deal very often. A few months ago we wrote about a wave of SPAM injections known as HideMe. However, the bad guys are always getting more and more “creative”, and they’ve developed a better version…
We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the bad guys are always looking…
Read More about Phishing 2.0 – Credit Card Redirection on Compromised Sites
We are happy to announce that after more than a year in testing, Sucuri’s Cloud WAF is out of beta. CloudProxy is currently available to Sucuri customers, so if you…
Read More about Sucuri CloudProxy Web Application Firewall (WAF) – Out of Beta
Update: Brute force protection now available: http://cloudproxy.sucuri.net/brute-force-protection Over the past few months there has been a lot of discussion about WordPress Brute Force attacks. With that discussion has come a…
Ubuntu’s official forum web site (ubuntuforums.org) was hacked, defaced and all user names and passwords stolen. The forum was very popular with over 1.8 million registered users. The site is…
When an attacker manages to compromise and get access to a website, they won’t stop there. They will aim to gain full root (admin) access to the entire server. If…
Read More about From a Site Compromise to Full Root Access – Bad Server Management – Part III
A few days ago, Peter Gramantik from our research team found a very interesting backdoor on a compromised site. This backdoor didn’t rely on the normal patterns to hide its…
Three years later we are still seeing SSH brute force attacks compromising sites on a frequent basis. One of the first server-level compromises I had to deal with in my…
Read More about SSH Brute Force – The 10 Year Old Attack That Still Persists
Piwik is an open source web analytics software that is used by many web masters. Andthe bad guys are using their popularity to try to make their malware injection harder…
If you did a SiteCheck scan today, you probably saw a new entry in the Blacklist tab for ESET. ESET has been a good friend of ours and they opened…
Today we found a malicious iframe that was being loaded from juquery.com (another fake jquery site). Itconsisted of the following code hidden inside one of the plugins: function browser_compability() {…
