• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Blog Category: Security Education

security-education-blog-category

Learn how to secure your website using best practices from our team of website security professionals. Learn about the risks and threats to your web presence, including the steps to mitigate attacks and defend your website from hackers. Stay up to date with the latest emerging trends in website hacking so you can safeguard your visitors and brand reputation. You can also check out our website security guides for more!

Phishing Campaign

January 14, 2021Luke Leal

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our investigation revealed was that attackers were leveraging PIX, a new payment method created by the…

Read More about Real-Time Phishing Kit Targets Brazilian Central Bank

January 7, 2021Luke Leal

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of…

Read More about Evaluating Cookies to Hide Backdoors

Labs Note

December 17, 2020Krasimir Konov

The Dangers of Using Abandoned Plugins & Themes

It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website was exhibiting malware-like behavior and…

Read More about The Dangers of Using Abandoned Plugins & Themes

Labs Note

December 4, 2020Luke Leal

Obfuscation Techniques in MARIJUANA Shell “Bypass”

Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This also extends to malware like…

Read More about Obfuscation Techniques in MARIJUANA Shell “Bypass”

Labs Note

November 17, 2020Cesar Anjos

Evasive Maneuvers in Data Stealing Gateways

We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads. During a recent investigation,…

Read More about Evasive Maneuvers in Data Stealing Gateways

Return to the City of Cron - Malware Infections on Joomla and WordPress

November 5, 2020Luke Leal

ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

We’ve seen a wider variety of PHP web shells being used by attackers this year —  including a number of shells that have been significantly updated in an attempt to…

Read More about ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

Labs Note

November 4, 2020Krasimir Konov

Legacy Mauthtoken Malware Continues to Redirect Mobile Users

During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different positions in the array. If…

Read More about Legacy Mauthtoken Malware Continues to Redirect Mobile Users

SiteCheck September Report

November 2, 2020Denis Sinegubko

CSS-JS Steganography in Fake Flash Player Update Malware

This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites. In a tweet, Affable…

Read More about CSS-JS Steganography in Fake Flash Player Update Malware

October 30, 2020Tony Perez & Daniel Cid

Bridging the Gap Between Application and Network Security with CleanBrowsing

When we started Sucuri we set out to make enterprise security accessible, affordable, and effective for every day webmasters. It was at a time when open-source platforms like WordPress, Joomla!,…

Read More about Bridging the Gap Between Application and Network Security with CleanBrowsing

October 28, 2020Art Martori

5 Places Where You’d Never Expect to Get Hacked

For every gleaming new IoT device that hits the market, a hacker somewhere is figuring out how to compromise it. Today, even routine activities can land you in the sights…

Read More about 5 Places Where You’d Never Expect to Get Hacked

P.A.S. Fork v. 1.0 - a web shell revival

October 26, 2020Luke Leal

P.A.S. Fork v. 1.0 — A Web Shell Revival

A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most…

Read More about P.A.S. Fork v. 1.0 — A Web Shell Revival

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.