Bruno Zanelato

21 posts

Bruno Zanelato is Sucuri's Copywriter who joined the company in 2014. As Eng - System III and working for the SOC team since 2019, his main responsibilities are (firewalls, IDS, IPS, HIDS, WAF, log management, hardening systems, PCI Compliant, IDS/IPS Signatures, Linux/BSD hardening, including developing content to highlight Sucuri's products and services and to educate the public about website security. Bruno's professional experience covers more than 15 years of deploying/managing Web Application Firewall as well as open-source security software. When Bruno isn't drafting blog posts or writing web pages, you might find him online playing MMO RPG games, watching MMA, and having fun with his kids and family during his free time. Connect with him on Linkedin

Product Update: Sucuri Firewall in Sophia

Bruno Zanelato
December 11, 2019

Sucuri provides security for websites with the protection of our Web Application Firewall (WAF). We also have our proprietary Anycast content delivery network (CDN) that…

Leveraging Stored Procedures for Nefarious Purposes

Bruno Zanelato
June 19, 2019

Here at Sucuri, we clean thousands of websites on a daily basis, and while some of them are easy to solve, others may require more…

W97M/Downloader Malware Dropper Served from Compromised Websites

Bruno Zanelato
May 20, 2019

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a…

Backdoor using a paste site to host payload

Backdoor Uses Paste Site to Host Payload

Bruno Zanelato
September 18, 2018

Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found…

Backdoor using paste site to host payload

Bruno Zanelato
November 30, 2017

Over the last months, we’ve been talking a lot about new ways to decode complex malwares that involve the usual PHP functions like eval, create_function,…

Attackers leveraging WP Maintenance plugin to deface websites

Bruno Zanelato
October 25, 2017

Recently, during a website investigation, we detected that attackers have been modifying the database structure of WP Maintenance plugin (which is a very popular wordpress…

Ecommerce Security: Fake Jquery Used as CC Scraper

Bruno Zanelato
September 21, 2017

In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise…

SF9 Realex Magento Module Targeted by Credit Card Scrapers

Bruno Zanelato
March 10, 2017

Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento…

Joomla Security – Pornography Spam Campaign in the Wild

Bruno Zanelato
February 20, 2017

One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a…

Session Stealer Script Used In OpenCart

Bruno Zanelato
December 29, 2016

With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few…

Malicious Redirect Injected in Magento One Page Checkout

Bruno Zanelato
November 23, 2016

With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento…