As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While…
There is no more frustrating experience than knowing you need something, but not knowing which questions to ask. This resonates with website owners when they…
During a recent incident response investigation, we detected an infected website loading spam content from another location. The malware was responsible for fetching the spam…
Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for…
Throughout the last few months, we published multiple articles about simple but powerful backdoors and how attackers get creative. Virtually in all cases, the code…
Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website security. Online shopping, to many people, is…