Fernando Barbosa

23 posts

Fernando Barbosa is a Sucuri's Software Development Manager who joined the company in 2012. Fernando's main responsibilities include leading Sucuri's backend teams and engineering solutions for our suite of security products. His professional experience also covers five years of malware analysis and incident response. When Fernando isn't working, you might find him having good times with his family. Connect with Fernando on Twitter.

Books SEO Spam

Fernando Barbosa
October 16, 2017

We already discussed in our blog some cases where the attacker uploaded a full ready-to-use website in order to promote their products and services. This…

Soccer spam. Really?

Fernando Barbosa
September 21, 2017

In the last few months, we’ve covered several cases of SEO Spam in our labs and blog that were promoting products and services ranging from…

Evasion Techniques in Phishing Attacks

Fernando Barbosa
August 22, 2017

We all know that we shouldn’t click on links from sketchy looking emails. But what if the website you’re viewing takes you to a spoofed…

Phishing the Right Phish

Fernando Barbosa
July 4, 2017

Social engineering techniques, like phishing, can be powerful in persuading users into performing specific actions or disclosing confidential information. In these types of scenarios, attackers…

Unwanted “Shorte St” Ads in Unpatched Newspaper Theme

Fernando Barbosa
June 20, 2017

Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove…

How Undefined Variables Can Give You RCE

Fernando Barbosa
June 5, 2017

When investigating a compromised website, our team has to make sure that all malware and backdoors are cleared from the environment. In some instances, these…

Simple $_COOKIE backdoor (variation)

Fernando Barbosa
May 30, 2017

There are many ways to develop a backdoor and virtually all of them share a similar goal – not to be discovered. To achieve that,…

WebSockets, Viagra and Fake CloudFlare CDN

Fernando Barbosa
April 3, 2017

Recently we’ve seen some WordPress websites displaying unwanted banners at the bottom of the page which appear 15 seconds after browsing the website. Those banners…

WordPress Security

Malicious Subdirectories Strike Again

Fernando Barbosa
March 17, 2017

In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites.…

doc.google.com.TROJAN

Fernando Barbosa
March 14, 2017

During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they…

One, two, three… CC stolen!

Fernando Barbosa
March 7, 2017

Attackers work hard to make their code very well hidden from the victim and antivirus products, however they might leave some fingerprints (usually not on…