Website Security News
Read posts about Drupal security including the latest vulnerability disclosures, technical details, and mitigation steps. Learn the best practices to clean and protect your Drupal database and server files. If you are looking for help with a security incident our free guide can help fix your hacked Drupal site and our team is always here to help.
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www” is a subdomain, “example” is a second level domain, and “com” is a top-level domain. However, very few know that…
Read More about CoinImp Cryptominer and Fully Qualified Domain Names
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this one: Massive #Drupal infection that redirects to…
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which…
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are…
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of…
Drupal is an open-source content management system and website builder with a unique structure that allows it to be highly flexible and extendible. For these reasons and more, it’s favored…
Read More about New Guide on How to Clean a Hacked Drupal Sites
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each…
Read More about Evolution of Conditional Spam Targeting Drupal Sites
Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes…
In the early 1980’s Softwear Systems opened up as a custom software company in Chicago. Over the years, its founder Mitch Meyers, learned how to create and manage great websites….
Read More about Spotlight: How Softwear Systems Provides Drupal Security
Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights and analysis performed by our…
It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highly critical SQL Injection (SQLi) vulnerability…
Read More about Drupal SQLi (Drupalgeddon) Attack Trend CVE-2014-3704 / SA-CORE-2014-005
