Antony Garand

22 posts

Antony Garand is Sucuri's Threat Researcher who joined the company in 2019. Antony's main responsibilities include researching vulnerabilities and dissecting malware. His professional experience covers many years of security research and development. When Antony isn't breaking stuff, you might find him at the dog park or learning new skills. Connect with him on Twitter

WordPress Vulnerability & Patch Roundup September 2022

Antony Garand
September 29, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

What is clickjacking and how do I prevent it on my site?

What Is Clickjacking & How Do I Prevent It?

Antony Garand
September 8, 2022

There are a plethora of techniques that attackers use to redirect site visitors and harvest sensitive information on compromised websites. But when most webmasters think…

August 2022 WordPress Vulnerabilities Roundup

WordPress Vulnerabilities & Patch Roundup — August 2022

Antony Garand
August 30, 2022

July 2022 WordPress Vulnerability Roundup

WordPress Vulnerabilities & Patch Roundup — July 2022

Antony Garand
July 29, 2022

June Vulnerability and Patch Roundup Post

WordPress Vulnerabilities & Patch Roundup — June 2022

Antony Garand
June 30, 2022

WordPress Vulnerabilities & Patch Round-up — May 2022

Antony Garand
May 31, 2022

WordPress Vulnerabilities & Patch Roundup — April 2022

Antony Garand
April 26, 2022

Critical RCE Vulnerability in Elementor WordPress Plugin

Antony Garand
April 13, 2022

Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was…

PHP Repository Exploited by Hackers

Antony Garand
March 29, 2021

The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject…

Reflected XSS in WordPress Plugin Admin Pages

Antony Garand
September 8, 2020

The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little…

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

Antony Garand
September 2, 2020

Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of…