Tony Perez

121 posts

Tony is the Head of Security Products at GoDaddy and Sucuri Co-Founder. His passion lies in educating and bringing awareness about online threats to business owners. His passions revolve around understanding the psychology of bad actors, the impacts and havoc hacks have on website owners, and thinking through the evolution of attacks. You can find his personal thoughts on security at perezbox.com and you can follow him on Twitter at @perezbox.

Serious Cross Site Scripting Vulnerability in TweetDeck – Twitter

Tony Perez
June 11, 2014

This morning as I was logging into various social networks I was presented with a popup from an XSS on Tweet Deck. This obviously set…

Read the Post

Understanding Denial of Service and Brute Force Attacks – WordPress, Joomla, Drupal, vBulletin

Tony Perez
March 12, 2014

Many are likely getting emails with the following subject header: Large Distributed Brute Force WordPress Attack Underway – 40,000 Attacks Per Minute. Just this week…

Read the Post

Stealing Credit Cards – A WordPress and vBulletin Hack

Tony Perez
November 28, 2013

What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there – vBulletin…

Read the Post

Case Study: Analyzing a WordPress Attack – Dissecting the webr00t cgi shell – Part I

Tony Perez
November 8, 2013

November 1st started like any other day on the web. Billions of requests were being shot virtually between servers in safe and not so safe…

Read the Post

The Dangers External Services Present To Your Website

Tony Perez
August 15, 2013

Today the Washington Post reported that they were victims of hack, orchestrated by the Syrian Electronic Army. This attack is interesting because it sheds light…

Read the Post

Joomla Hacks – Part I – Phishing

Tony Perez
August 14, 2013

Joomla is a very popular open source CMS, dominating approximately 10% of the website market. While great for them, horrible for many others, as being…

Read the Post

Dissecting a WordPress Brute Force Attack

Tony Perez
July 22, 2013

Update: Brute force protection now available: http://cloudproxy.sucuri.net/brute-force-protection Over the past few months there has been a lot of discussion about WordPress Brute Force attacks. With…

Read the Post

W3 Total Cache and WP Super Cache Vulnerability Being Targeted in the Wild

Tony Perez
May 4, 2013

As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we…

Read the Post

Apache Web Server Attacks Continue to Evolve

Tony Perez
April 29, 2013

For the past few months we have seen a gradual increase in server-level compromises. In fact, every week it seems we’re handling half a dozen…

Read the Post

LivingSocial Hacked — More Than 50 Million Accounts Compromised

Tony Perez
April 26, 2013

Just as we were thinking we were going to avoid any major enterprise compromises this week, LivingSocial announces that it has been compromised and some…

Read the Post

Joomla Version 2.5.10 Released – Security Updates

Tony Perez
April 24, 2013

This morning the Joomla development team released a new version of the Joomla platform. This is a Security release, so please be sure to update…

Read the Post