Rodrigo Escobar

About Rodrigo Escobar

Rodrigo Escobar is Sucuri's Sr. Malware Research Manager who joined the company in 2012. Rodrigo's main responsibilities include the coordination of malware analysts and research groups, and deployment of effective remediation solutions. His professional experience covers more than eight years in website remediation and malware analysis. When Rodrigo isn't investigating cyber threats and looking for solutions to prevent them, you might find him at the computer, reading assembly and learning new skills. Connect with him on LinkedIn.

December 28, 2022Rodrigo Escobar

WordPress Vulnerability & Patch Roundup December 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important…

October 28, 2022Rodrigo Escobar

WordPress Vulnerability & Patch Roundup October 2022

January 19, 2021Rodrigo Escobar

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of these patterns allows us to…

August 15, 2017Rodrigo Escobar

Decoding Complex Malware – Step-by-Step

When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase…

February 17, 2017Rodrigo Escobar

WordPress Security – Fake TrafficAnalytics Website Infection

Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics…

February 2, 2017Rodrigo Escobar

RealStatistics Goes TrafficAnalytics

In the last few months, our Incident Response Team detected an interesting malicious code that affected a high number of websites. This malware is a variation of the “Realstatistics” campaign…

December 1, 2016Rodrigo Escobar

Exploited Script in WordPress Theme Sends Spam

Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to grow in popularity, so does…

October 31, 2016Rodrigo Escobar

WordPress Theme Mailing Script being exploited in the wild

A few weeks ago, we posted a lab notes describing a good theme file being exploited by attackers to send mass-mailing SPAM (http://labs.sucuri.net/?note=2016/08/15 0:00). Upon further investigation, we identified that…

August 15, 2016Rodrigo Escobar

Mass Mailing SPAM From a Good File

We often find code that is developed with good intent but the security aspects of it are not always taken into consideration. During a routine cleanup investigation we found a…

May 16, 2016Rodrigo Escobar

Secure Coding: How to Account for Input Sanitization

On average, a website leverages around 18-20 different plugins in its structure. These plugins enhance the website’s functionality and in some instances extend the applications core capabilities. It’s great for…

November 11, 2015Rodrigo Escobar

Helpscout Blacklisted by Norton

Early this morning we got complaints from our clients mentioning that Norton was flagging Helpscout, a Help Desk System. Some of the pages were triggering this warning Upon a quick…