• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Antony Garand

About Antony Garand

Antony Garand is Sucuri's Threat Researcher who joined the company in 2019. Antony's main responsibilities include researching vulnerabilities and dissecting malware. His professional experience covers many years of security research and development. When Antony isn't breaking stuff, you might find him at the dog park or learning new skills. Connect with him on Twitter

April 2022 Sucuri Vulnerability Roundup

April 26, 2022Antony Garand

Vulnerability Roundup – April 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important…

Read More about Vulnerability Roundup – April 2022

April 13, 2022Antony Garand

Critical RCE Vulnerability in Elementor WordPress Plugin

Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was released for the Elementor plugin…

Read More about Critical RCE Vulnerability in Elementor WordPress Plugin

PHP repository exploited by hackers

March 29, 2021Antony Garand

PHP Repository Exploited by Hackers

The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject a backdoor into it. Thankfully,…

Read More about PHP Repository Exploited by Hackers

Backdoors in Malicious Plugins

September 8, 2020Antony Garand

Reflected XSS in WordPress Plugin Admin Pages

The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little purpose here — an administrator…

Read More about Reflected XSS in WordPress Plugin Admin Pages

WordPress Vulnerability

September 2, 2020Antony Garand

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of our WAF were never vulnerable…

Read More about Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

Duplicated WordPress Vulnerabilities

April 24, 2020Antony Garand

Duplicated Vulnerabilities in WordPress Plugins

During a recent plugin audit, we noticed a weird pattern among many plugins responsible for performing a specific task: Duplicating a page or a post. With a bit of research,…

Read More about Duplicated Vulnerabilities in WordPress Plugins

Labs Note

March 23, 2020Antony Garand

Reflected XSS in Cookiebot Administrative Page

A reflected XSS vulnerability has recently been found in the Cookiebot plugin plugin, impacting a user base of over 40k installs. Versions prior to 3.6.1 are susceptible to this attack,…

Read More about Reflected XSS in Cookiebot Administrative Page

Labs Note

March 17, 2020Antony Garand

Reflected XSS in Advanced Ads Admin Dashboard

A patch for a vulnerability in the Advanced Ads plugin has been released. Prior to version 1.17.4, attackers were able to exploit two reflected XSS attacks via the admin dashboard….

Read More about Reflected XSS in Advanced Ads Admin Dashboard

Phishing for Digital Gold

February 6, 2020Antony Garand

Creative Phishing for Digital Gold on RuneScape

RuneScape is an extremely popular massive multiplayer online game. With over 200 million generated accounts, its claim to fame is that it’s one of the largest free MMORPG’s ever created….

Read More about Creative Phishing for Digital Gold on RuneScape

Why Hackers Create Phishing Campaigns

December 9, 2019Antony Garand

Why Hackers Create Phishing Campaigns

Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal of the attackers. In the…

Read More about Why Hackers Create Phishing Campaigns

Phishing Campaign

November 20, 2019Antony Garand

How to Recognize a Phishing Campaign

Phishing attacks and campaigns have always been a hot topic in online security. With many posts tagged as “phishing” on our blog — the first one being over nine years…

Read More about How to Recognize a Phishing Campaign

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.