Daniel Cid

214 posts

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

Drupal SQLi (Drupalgeddon) Attack Trend CVE-2014-3704 / SA-CORE-2014-005

Daniel Cid
May 31, 2016

It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highly…

Read the Post

PCI for SMB: Requirement 1- Install and Maintain a Firewall

Daniel Cid
May 26, 2016

Update: Read our new PCI Compliance guide. If you have an ecommerce website, allowing you to accept credit cards on your site, PCI compliance should…

Read the Post

Hacked Website Report – 2016/Q1

Daniel Cid
May 18, 2016

Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our…

Read the Post

Analyzing ImageTragick Exploits in the Wild

Daniel Cid
May 7, 2016

Three days ago the ImageMagic (also known as, ImageTragick) vulnerability was released to the world. We’ve been actively monitoring this vulnerability, and have discovered a…

Read the Post

ImageMagick Remote Command Execution Vulnerability

Daniel Cid
May 4, 2016

ImageMagick is a popular software used to convert, edit and manipulate images. It has libraries for all common programming languages, including PHP, Python, Ruby and…

Read the Post

Sucuri Firewall: Free LetsEncrypt SSL Certs for Everyone

Daniel Cid
April 15, 2016

Update: We have release a free guide on how to get SSL on your site even if you are not a Sucuri customer. Last year…

Read the Post

Sucuri Updates

Sucuri – 2016 Redesign

Daniel Cid
April 1, 2016

Update: It was an April fools joke, if you did not realize it by now. The site is back in place. A few weeks ago,…

Read the Post

Ask Sucuri: How Does Sucuri Clean a Website?

Daniel Cid
March 23, 2016

Question: How does Sucuri clean hacked websites? What is the process? We clean a lot of websites, ~ 400 / 500, daily during our normal load. To…

Read the Post

Server Security: Indicators of Compromised Behavior with OSSEC

Daniel Cid
March 17, 2016

We leverage OSSEC extensively here at Sucuri to help monitor and protect our servers. If you are not familiar with OSSEC, it is an open source…

Read the Post

Investigating a Compromised Server with Rootcheck

Daniel Cid
February 19, 2016

heWhat do you do if you suspect your server (VPS or dedicated) has been compromised? If you are a customer, you have the option to…

Read the Post

WordPress Sites Leveraged in Layer 7 DDoS Campaigns

Daniel Cid
February 17, 2016

We first disclosed that the WordPress pingback method was being misused to perform massive layer 7 Distributed Denial of Service (DDoS) attacks back in March 2014. The…

Read the Post