Daniel Cid

213 posts

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

WordPress-Security-Reduce-Risk-With-Less-Plugins

WordPress Pluggable.php Being Compromised

Daniel Cid
August 15, 2012

The last few days we have seen a large number of WordPress sites compromised with a hidden malware payload that lands inside wp-includes/pluggable.php. This is…

Read the Post

Redirection Malware Very Good Leads to Fake AV

Daniel Cid
August 8, 2012

If you look at our Labs malware dump for the last few days, you will find something odd in the name of the top domains…

Read the Post

Blackmuscats Conditional Redirections to Fake AntiVirus

Daniel Cid
July 31, 2012

We are seeing many sites today compromised with the Blackmuscats conditional redirection. This malware causes anyone visiting the hacked site to be redirected to a…

Read the Post

WordPress and Server Hardening – Taking Security to Another Level

Daniel Cid
July 26, 2012

Update 11/3/2017: Need to learn how to secure your WP site? Check out our latest guide on vulnerabilities, best practices and protection. Update 9/14/16:…

Read the Post

New Web Malware Attacks Using .Ru/In.CGI?16

Daniel Cid
July 19, 2012

What does an orange roller, a purple beetle, an orange moth, a green pillar, and a green cricket have in common? Not much, but they…

Read the Post

vBulletin Websites Using VBSEO Being Infected with Malware

Daniel Cid
July 16, 2012

We are seeing a large number of vBulletin/vBSEO websites getting compromised lately and we keep getting requests for info as to what’s going on.

Read the Post

ASK Sucuri: What should I do if my email is in the Yahoo Leak?

Daniel Cid
July 13, 2012

We love to get questions from you, our readers, in our Ask Sucuri series. If you have any questions about website malware, blacklisting, or security…

Read the Post

Analysis of Yahoo Voice Password Leak – 453,441 Passwords Exposed

Daniel Cid
July 12, 2012

We recently heard that a massive leak of Yahoo passwords has been floating on the interwebs for a few days. According to Ars Technica, the…

Read the Post

Distributed Malware Network Outbreak Using Stats.php

Daniel Cid
July 8, 2012

We are seeing a large and distributed malware network comprised of thousands of infected websites that is growing very quickly. We call it “Stats.php” because…

Read the Post

Malware That Pretends To Be Google

Daniel Cid
July 5, 2012

Malware authors (AKA the criminals or the bad guys), use many advanced techniques to hide their activities. From encoding, to encrypting, to auto-generated random domains,…

Read the Post

Uploadify, Uploadify and Uploadify – The New TimThumb?

Daniel Cid
June 26, 2012

We are seeing a lot of noise again regarding the Uploadify script vulnerabilities affecting some WordPress themes/plugins. If you are not familiar, Uploadify allows anyone…

Read the Post