Security Archive – Case Study: phpbb.com Compromised
Daniel Cid Security Archive: It is important to remember past security incidents to make sure we don’t commit the same mistakes over and over again. The idea…
Big Increase in Distributed Brute Force Attacks Against Joomla Websites
Update: Brute force protection now available: http://cloudproxy.sucuri.net/brute-force-protection A few months ago, we discussed and published details about a very large brute force attack targeting WordPress…
Potential vBulletin Exploit (4.1+ and 5+)
The vBulletin team just posted a pre-disclosure warning on their announcements forum about a possible exploit in versions 4.1+ and 5+ of vBulletin. They don’t…
Free Sucuri WordPress Plugin Gets New Features
We just released some major updates to our Free WordPress plugin that we recommend all WordPress users check out. Before the update, the plugin was…
Joomla Media Manager Attacks in the Wild
If you are using Joomla and didn’t update your site recently, you better stop doing whatever you are doing, and update it now. There is…
OpenX.org Compromised and Downloads Injected with a Backdoor
We received reports that OpenX.org was compromised and the OpenX download files had a backdoor injected in them. According to Heise (in German), the malicious…
Phishing 2.0 – Credit Card Redirection on Compromised Sites
We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the…
Sucuri CloudProxy Web Application Firewall (WAF) – Out of Beta
We are happy to announce that after more than a year in testing, Sucuri’s Cloud WAF is out of beta. CloudProxy is currently available to…
From a Site Compromise to Full Root Access – Bad Server Management – Part III
When an attacker manages to compromise and get access to a website, they won’t stop there. They will aim to gain full root (admin) access…
Malware Hidden Inside JPG EXIF Headers
A few days ago, Peter Gramantik from our research team found a very interesting backdoor on a compromised site. This backdoor didn’t rely on the…
SSH Brute Force – The 10 Year Old Attack That Still Persists
Three years later we are still seeing SSH brute force attacks compromising sites on a frequent basis. One of the first server-level compromises I had…