• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Archives for March 2017

March 30, 2017Denis Sinegubko

Spotting a Hidden SEO Hack: “Play One”

SEO hacks continue to plague websites as attackers abuse SERP rankings for their own gain. The time and effort spent by the website owner creating content, optimizing pages and building links is stolen by an attacker in an instant. For many years, spam injections placed…

Read More about Spotting a Hidden SEO Hack: “Play One”

March 28, 2017Northon Torga

Testing the Impacts of Website Caching Tools

Try to remember what you ate for lunch yesterday. It took you about 3-5 seconds, right? Ok. Now recall that memory once more. Took you less than a second this…

Read More about Testing the Impacts of Website Caching Tools

March 22, 2017Tony Perez & Daniel Cid

GoDaddy+= Sucuri: Building a Security Platform For Every Website Owner

Authored by Daniel & Tony We are happy to announce that as of today Sucuri will be joining the GoDaddy family. This acquisition will bring the best of both worlds….

Read More about GoDaddy+= Sucuri: Building a Security Platform For Every Website Owner

March 17, 2017Fernando Barbosa

Malicious Subdirectories Strike Again

In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites. By adding malicious files into…

Read More about Malicious Subdirectories Strike Again

Labs Note

March 16, 2017Yuliyan Tsvetkov

Attackers Silently add new user with Administrator role to WordPress sites

Attackers tend to get smarter in order to avoid detection, as well as gain access to your WordPress site. They use legit functions of the WordPress core to create users,…

Read More about Attackers Silently add new user with Administrator role to WordPress sites

March 15, 2017Denis Sinegubko

SEO Spam Campaign Exploiting WordPress REST API Vulnerability

Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there are still many WordPress websites…

Read More about SEO Spam Campaign Exploiting WordPress REST API Vulnerability

Labs Note

March 14, 2017Fernando Barbosa

doc.google.com.TROJAN

During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they had the same malicious content:…

Read More about doc.google.com.TROJAN

WordPress Vulnerablity Disclosre

March 13, 2017Marc-Alexandre Montpas

Stored XSS in WordPress Core

As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only described one vulnerability, we actually reported…

Read More about Stored XSS in WordPress Core

March 10, 2017Bruno Zanelato

SF9 Realex Magento Module Targeted by Credit Card Scrapers

Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting…

Read More about SF9 Realex Magento Module Targeted by Credit Card Scrapers

Labs Note

March 9, 2017Yuliyan Tsvetkov

Set your Cookie, Execute a Command

Backdoors evolve. They tend to get more complex, harder to understand and harder to decode, but this is not always the case. Most of the backdoors rely on PHP-enabled engine…

Read More about Set your Cookie, Execute a Command

March 8, 2017Fioravante Souza

Bank Phishing Incident Analysis

Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked from ever reaching our inboxes. I…

Read More about Bank Phishing Incident Analysis

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.