Daniel Cid

214 posts

Daniel B. Cid is Founder of Sucuri and the VP of Engineering for the GoDaddy Security Products group. He is also the founder of OSSEC and CleanBrowsing. You can find more about Daniel on his site dcid.me or on Twitter: @danielcid

WordPress Malware – Active VisitorTracker Campaign

Daniel Cid
September 18, 2015

We are seeing a large number of WordPress sites compromised with the “visitorTracker_isMob” malware code. This campaign started 15 days ago, but only in the…

Read the Post

WordPress Brute Force Attacks – 2015 Threat Landscape

Daniel Cid
September 15, 2015

One of the first server-level compromises I had to deal with in my life was around 15 years ago, and it was caused by an…

Read the Post

Analyzing Popular Layer 7 Application DDoS Attacks

Daniel Cid
September 3, 2015

Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a while. All types of sites, from small to big,…

Read the Post

Sucuri Labs

GCCanada.com Malware

Daniel Cid
September 1, 2015

We are seeing a large amount of sites with a malscript from gccanada.com injected into them. The malware redirects visitors to searchmagnified.com, which redirects them…

Read the Post

Ask Sucuri: How Did My WordPress Website Get Hacked? – A Tutorial

Daniel Cid
August 6, 2015

With the proliferation of Infrastructure and Platform as a Service providers, it is no surprise that a majority of today’s websites are hosting in the…

Read the Post

BIND9 – Denial of Service Exploit in the Wild

Daniel Cid
August 2, 2015

BIND is one of the most popular DNS servers in the world. It comes bundled with almost every cPanel, VPS and dedicated server installation and…

Read the Post

Introducing Free Global Website Performance Tool

Daniel Cid
May 28, 2015

We are happy to launch a new free tool (aka Global Website Performance Tester) that allows anyone to quickly check how fast a website is…

Read the Post

Magento Shoplift (SUPEE-5344) Exploits in the Wild

Daniel Cid
April 23, 2015

As warned a few days ago, the Magento Shoplift (SUPEE-5344) vulnerability details have been disclosed by the CheckPoint team. They show step by step how it…

Read the Post

Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

Daniel Cid
April 20, 2015

Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by…

Read the Post

Critical Magento Shoplift Vulnerability (SUPEE-5344) – Patch Immediately!

Daniel Cid
April 18, 2015

The Magento team released a critical security patch (SUPEE-5344) to address a remote command execution (RCE) vulnerability back in February. It’s been more than two months…

Read the Post

FBI Public Service Annoucement: Defacements Exploiting WordPress Vulnerabilities

Daniel Cid
April 7, 2015

The US Federal Bureau of Investigation (FBI) just released a public service announcement (PSA) to the public about a large number of websites being exploited…

Read the Post