Cesar Anjos

64 posts

Cesar Anjos is Sucuri's Malware Researcher who joined the company in 2014. Cesar's main responsibilities include keeping up with the latest malware and writing about it. His professional experience covers over five years in the area. When Cesar isn't researching, he's finding a way to exercise his mind with anything. Connect with him on our Twitter.

Website Security

Browser Extension Bug Leads to Post Injection

Cesar Anjos
July 24, 2018

A few years ago, we saw how a browser extension introduced a threat to serve unwanted ads. Today, the number of browser extensions available to…

Read the Post

Using Innocent roles to hide admin users

Cesar Anjos
July 18, 2018

All across the internet we find guides and tutorials on how to keep your WordPress site secure, and they all approach the concept of user…

Read the Post

Magento Credit Card Stealer Reinfector

Cesar Anjos
June 19, 2018

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal…

Read the Post

Magento CC Stealer Reinfector

Cesar Anjos
June 8, 2018

We have seen many times in the past few months how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins,…

Read the Post

Shell Logins as a Magento Reinfection Vector

Cesar Anjos
May 31, 2018

Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php;…

Read the Post

Malicious Activities with Google Tag Manager

Cesar Anjos
April 17, 2018

If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say…

Read the Post

Server-level Cryptominer Injections

Cesar Anjos
January 22, 2018

During an investigation on a recent case, we came across a malware infection that came directly from the server. Upon further inspection, we found that…

Read the Post

Drupal Security

Evolution of Conditional Spam Targeting Drupal Sites

Cesar Anjos
July 5, 2017

Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including…

Read the Post

When Your Plugins Turn Against You

Cesar Anjos
June 13, 2017

Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations…

Read the Post

Undesired Redirects

Cesar Anjos
June 13, 2017

Whether it is your own or a website you are visiting, undesired redirects and pop-ups are always annoying. The situation gets worse when your visitors…

Read the Post

New Non-HTTPS Websites Blacklisted for Phishy Password Practices

Cesar Anjos
May 26, 2017

We submit hundreds of blacklist review requests every day after cleaning our clients’ websites. Google’s Deceptive Content warning applies when Google detects dangerous code that…

Read the Post