Sucuri Security Blog

After many suggestions, we decide to setup a blog to better communicate with our users. Expect updates from http://sucuri.net and some security-related posts from us.

David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

2 comments

http://example.com says:
October 8, 2016 at 11:30 am
“/>
“/>
http://example.com says:
October 8, 2016 at 11:32 am
[click here](javascript:alert(document.domain))

Comments are closed.

Is My Site Hacked? (13 Signs)

Rianna MacLeod

February 23, 2023

Symptoms of a hack can vary wildly. A concerning security alert from Google, a browser warning when you visit your site, or even a notice…

Read the Post

Core Integrity Verifications

Gerson Ruiz

August 28, 2018

In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several…

Read the Post

Website Security

Fake Ransomware Infection Spooks Website Owners

Ben Martin

November 15, 2021

Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND 0.1 BITCOIN”…

Read the Post

WordPress Redirect Hack via Test0.com/Default7.com

Multistage WordPress Redirect Kit

Ben Martin

September 8, 2021

Recently, one of our analysts @kpetku came across a series of semi-randomised malware injections in multiple WordPress environments. Typical of spam redirect infections, the malware…

Read the Post

PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

Victor Santoyo

March 11, 2019

Update: Read our new PCI Compliance guide. Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS.…

Read the Post

The dangers of installing nulled wordpress plugins and themes

The Dangers of Installing Nulled WordPress Themes & Plugins

Nathan Chaddock

February 16, 2023

Nulled WordPress themes and plugins are a controversial topic for many in the web development world — and arguably one of the bigger threats to…

Read the Post

August 2022 WordPress Vulnerabilities Roundup

WordPress Vulnerabilities & Patch Roundup — August 2022

Antony Garand

August 30, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

Read the Post

Spam Injector Disguised as a License Key in a WordPress Website

Spam Injector Disguised as License Key in WordPress Website

Moe O

January 29, 2019

Here at Sucuri, we clean WordPress websites every day. There are various types of common malware, but when we stumble upon a different scenario, our…

Read the Post

How APIs Can Streamline Your Operations

Victor Santoyo

June 5, 2018

Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web…

Read the Post

PHP Script Nukes All Website Files

Ben Martin

August 8, 2017

Most malware and spam that we come across has some sort of discernable purpose to it, usually something which benefits the attackers financially. This is…

Read the Post

2 comments

Related Categories

You May Also Like