Bruno Zanelato

About Bruno Zanelato

Bruno Zanelato is Sucuri's Copywriter who joined the company in 2014. As Eng - System III and working for the SOC team since 2019, his main responsibilities are (firewalls, IDS, IPS, HIDS, WAF, log management, hardening systems, PCI Compliant, IDS/IPS Signatures, Linux/BSD hardening, including developing content to highlight Sucuri's products and services and to educate the public about website security. Bruno's professional experience covers more than 15 years of deploying/managing Web Application Firewall as well as open-source security software. When Bruno isn't drafting blog posts or writing web pages, you might find him online playing MMO RPG games, watching MMA, and having fun with his kids and family during his free time. Connect with him on Linkedin

December 11, 2019Bruno Zanelato

Product Update: Sucuri Firewall in Sophia

Sucuri provides security for websites with the protection of our Web Application Firewall (WAF). We also have our proprietary Anycast content delivery network (CDN) that adds the performance benefits of a CDN to all our WAF users. We been adding data centers in key regions…

June 19, 2019Bruno Zanelato

Leveraging Stored Procedures for Nefarious Purposes

Here at Sucuri, we clean thousands of websites on a daily basis, and while some of them are easy to solve, others may require more investigation in order to find…

May 20, 2019Bruno Zanelato

W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a…

September 18, 2018Bruno Zanelato

Backdoor Uses Paste Site to Host Payload

Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found and removed. Website Backdoors A…

November 30, 2017Bruno Zanelato

Backdoor using paste site to host payload

Over the last months, we’ve been talking a lot about new ways to decode complex malwares that involve the usual PHP functions like eval, create_function, preg_replace, assert, base64_decode, etc. According…

October 25, 2017Bruno Zanelato

Attackers leveraging WP Maintenance plugin to deface websites

Recently, during a website investigation, we detected that attackers have been modifying the database structure of WP Maintenance plugin (which is a very popular wordpress plugin which adds a “down…

September 21, 2017Bruno Zanelato

Ecommerce Security: Fake Jquery Used as CC Scraper

In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer…

March 10, 2017Bruno Zanelato

SF9 Realex Magento Module Targeted by Credit Card Scrapers

Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting…

February 20, 2017Bruno Zanelato

Joomla Security – Pornography Spam Campaign in the Wild

One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a…

December 29, 2016Bruno Zanelato

Session Stealer Script Used In OpenCart

With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few clicks you can set up…

November 23, 2016Bruno Zanelato

Malicious Redirect Injected in Magento One Page Checkout

With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento installations in order to steal…