APT – Attempting to steal your domain

We all hear of APT (advanced persistent threat) and this is a good example of one trying to steal the vl.com domain. Very good read:

Dreamhost account hacked

David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Related Tags

Hacked Websites

Improvements to SiteCheck Website Scanner

Jonas Andrijauskas
January 18, 2019

SiteCheck is Sucuri’s free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status. Last year,…

Read the Post

Finding & Fixing Google Blocklist Warnings

Ashley Sand
January 10, 2022

When a website is added to a blocklist by blocklist authorities it can be painfully stressful for their business. SEO rankings take a dive, and…

Read the Post

WordPress Database Upgrade Phishing Campaign

Denis Sinegubko
September 4, 2018

We have recently been notified of phishing emails that target WordPress users. The content informs site owners that their database requires an update and looks…

Read the Post

WordPress Hacked: What to Do When Your Site is Compromised

Rianna MacLeod
February 23, 2024

OK – your WordPress site is hacked. Now what? Questions we frequently get from new users are, “Why was my WordPress site hacked?” and “What…

Read the Post

Website Security

Wikipedia Page Review Reveals Minr Malware

Denis Sinegubko
February 19, 2018

Since December, we’ve seen a number of websites with this funny looking obfuscated script injected at the very top of the HTML code (before the…

Read the Post

Reflected XSS in WordPress Plugin Admin Pages

Antony Garand
September 8, 2020

The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little…

Read the Post

Hiding malicious code from the user using white spaces

Yuliyan Tsvetkov
February 14, 2017

Over the years, attackers have used different techniques for hiding malicious files on websites. They obfuscated code, changed legit functions to execute malware, modified whole…

Read the Post

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

Rodrigo Escobar
January 19, 2021

In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of…

Read the Post

Sucuri WAF Now Supports HTTP/3: A Faster and More Secure Web Experience

Kyle Knight
January 28, 2025

We’re excited to announce that the Sucuri Web Application Firewall (WAF) now supports HTTP/3, the latest version of the HTTP protocol. This upgrade brings significant…

Read the Post

SocGholish and NDSW NDSX malware, FakeUpdates, SilverFish (SolarWind) and ransomware

SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques

Denis Sinegubko
August 16, 2022

In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…

Read the Post

Related Tags

Related Categories

You May Also Like