Intro to Securing an Online Store – Part 2
Victor Santoyo Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out…
Browsing Category
Security Advisory
209 posts
The Impacts of Zero-Day Attacks
Gerson Ruiz Last week, we explained what zero-day vulnerabilities and attacks are. Essentially, zero-day vulnerabilities exist in the wild, with no patch available to prevent hackers from…
New Guide on How to Clean a Hacked Website
Juliana Lewis Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research…
What is a WAF?
Have you ever wondered what WAF means? WAF stands for Website Application Firewall. In order to make it simple to understand, imagine your website as…
Formidable Forms / Shortcodes Ultimate Exploits In The Wild
Marc-Alexandre Montpas On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are…
Risks For E-commerce Site Owners Through the Holidays
Pilar Garcia Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also…
Hacked Websites Mine Cryptocurrencies
Denis Sinegubko Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this every day in the…
Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data
Over the summer, we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The…
Google Warnings For Form Input Over HTTP Coming in October
Tony Perez For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which…
Code Injection in Signed PHP Archives (Phar)
Jeff Channell PHP contains an interesting but rarely used feature called Phar, which stands for PHp ARchive, that allows developers to package entire applications as a single…
Unwanted “Shorte St” Ads in Unpatched Newspaper Theme
Fernando Barbosa Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove…