Website Security News
We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign (e.g redirected traffic, cryptomining). This was discovered when reviewing sources of the various malicious domains used in a recent WordPress…
Read More about Malware Campaigns Sharing Network Resources: r00ts.ninja
This is the last post in our series on E-commerce Security: Intro to Securing an Online Store – Part 1 Intro to Securing an Online Store – Part 2 Today,…
Read More about E-Commerce Security – Planning for Disasters
We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked to the same vulnerable software:…
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and…
Read More about SQLi Vulnerability in YITH WooCommerce Wishlist
Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also busy infecting ecommerce websites with…
Read More about Risks For E-commerce Site Owners Through the Holidays
In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer…
Read More about Ecommerce Security: Fake Jquery Used as CC Scraper
Since late last year, there has been a steady rise in malware campaigns that aim to steal sensitive personal information and financial credentials. Attackers often insert pieces of malicious code…
Read More about Ecommerce Security – Customer Data Breaches Using Images
We are starting to see remote command execution (RCE) attempts trying to exploit the latest WordPress REST API Vulnerability. These RCE attempts started today after a few days of attackers…
Read More about RCE Attempts Against the Latest WordPress REST API Vulnerability
Ask Sucuri: My site is under a brute force attack. What can I do? How can we solve this password guessing problem known as brute forcing? This is a common…
Read More about Ask Sucuri: How to Stop Brute Force Attacks?
A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We…
Cart66 offers a comprehensive plugin solution for WordPress shop owners. With a unique suite of services, intuitive features, and essential security components, Cart66 provides everything you need to operate a…
Read More about Spotlight – How Cart66 Maintains Security for Ecommerce
