Website Security News
As a security company, we deal with a lot of compromised websites. Unfortunately, in most cases, we have limited access to customer logs, which is one of the reasons why we don’t offer forensic analysis. Sucuri offers website monitoring, protection, and clean up, but sometimes…
Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU…
Read More about Cookie Consent Script Used to Distribute Malware
Google, Mozilla, and other web authorities are pushing for website owners to adopt HTTPS. Soon, Google Chrome will start flagging sites by displaying a warning that the site is “Not secure“….
Most people assume that if their website has been compromised, there must have been an attacker evaluating their site and looking for a specific vulnerability to hack. Under most circumstances…
Read More about Why You Should Care about Website Security on Your Small Site
An enormous number of SEO spam infections are handled by us here at Sucuri. In our most recent hacked website trend report, we analyzed over 34,000+ websites and identified that…
We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to SEO spam campaigns through…
Read More about Malware Serving SEO Spam from External Sites
During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. What I didn’t know was how many…
Read More about Credit Card Stealer Investigation Uncovers Malware Ring
A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen in compromised websites. These redirects…
Read More about Expired Domain Leads to WordPress Plugin Redirects
During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL…
Read More about JavaScript Injections Leads to Tech Support Scam
Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our clients and readers. Applying updates…
Read More about A Plugin’s Expired Domain Poses a Security Threat to Websites
If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirects hidden within the…
Read More about Webutation Distributing Malware Through Safety Badge
