Daniel Cid

213 posts

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

Sucuri CloudProxy Website Firewall Improvements

Daniel Cid
February 25, 2014

If you are are a regular reader of our blog you probably know about our CloudProxy Website Firewall, it launched publicly a year ago. Since…

Read the Post

SiteCheck Chrome Extension Now Available

Daniel Cid
February 20, 2014

Have you ever wondered if the websites you (or your family) visit contain code that is potentially harmful to you or your computer? If you…

Read the Post

PHP Backdoors: Hidden With Clever Use of Extract Function

Daniel Cid
February 17, 2014

When a site gets compromised, one thing we know for sure is that attackers love to leave malware that allows them access back into the…

Read the Post

Joomla JomSocial Remote Code Execution Vulnerability

Daniel Cid
February 10, 2014

The JomSocial team just released an update that fixes a very serious remote code execution vulnerability that affects any JomSocial version older than 3.1.0.4. From…

Read the Post

Layer 7 DDOS – Blocking HTTP Flood Attacks

Daniel Cid
February 6, 2014

There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and…

Read the Post

Website Mesh Networks Distributing Malware

Daniel Cid
January 24, 2014

Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especialy when it comes to…

Read the Post

Recent OptimizePress Vulnerability Being Mass Infected

Daniel Cid
January 17, 2014

A few weeks ago we wrote about a file upload vulnerability in the OptmizePress theme. We were seeing a few sites being compromised by it,…

Read the Post

Sucuri Labs

One way of hidding an iframe

Daniel Cid
January 16, 2014

There are multiple ways to inject an iframe on a web site, and every day we found a new evasion technique to make it harder…

Read the Post

Phishing Emails to Install Malicious WordPress Plugins

Daniel Cid
December 4, 2013

When all else fails, the bad guys can always rely on some basic social engineering tactics with a little hit of phishing!! Over the weekend,…

Read the Post

vBulletin.com Compromised

Daniel Cid
November 18, 2013

The vBulletin team recently announced that they suffered a compromise which allowed the attackers access to vbulletin.com servers and database. On their own words: We…

Read the Post

Google Bots Doing SQL Injection Attacks

Daniel Cid
November 5, 2013

One of the things we have to be very sensitive about when writing rules for our CloudProxy Website Firewall is to never block any major…

Read the Post