Website Security News
Read posts about Drupal security including the latest vulnerability disclosures, technical details, and mitigation steps. Learn the best practices to clean and protect your Drupal database and server files. If you are looking for help with a security incident our free guide can help fix your hacked Drupal site and our team is always here to help.
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works diligently around the clock to identify, analyze, and protect…
Recently, we came across another way to use files from GitHub repositories in malware infections. This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com/<user>/<repository>/raw/ URLs. The new trick involved…
Read More about RawGit CDN is Abused by CryptoLoot Cryptominers
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www” is a subdomain, “example” is…
Read More about CoinImp Cryptominer and Fully Qualified Domain Names
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this one: Massive #Drupal infection that redirects to…
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which…
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are…
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of…
Drupal is an open-source content management system and website builder with a unique structure that allows it to be highly flexible and extendible. For these reasons and more, it’s favored…
Read More about New Guide on How to Clean a Hacked Drupal Sites
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each…
Read More about Evolution of Conditional Spam Targeting Drupal Sites
Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes…
In the early 1980’s Softwear Systems opened up as a custom software company in Chicago. Over the years, its founder Mitch Meyers, learned how to create and manage great websites….
Read More about Spotlight: How Softwear Systems Provides Drupal Security
