Blog Category: Security Education

security-education-blog-category

Learn how to secure your website using best practices from our team of website security professionals. Learn about the risks and threats to your web presence, including the steps to mitigate attacks and defend your website from hackers. Stay up to date with the latest emerging trends in website hacking so you can safeguard your visitors and brand reputation. You can also check out our website security guides for more!

April 14, 2021Ben Martin

WordPress Continues to Fall Victim to Carding Attacks

Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all online stores. Over recent years, attackers whose goal it is to fradulently obtain credit card information have mostly focused on…

April 7, 2021Stephen Johnston

How to Know If You Are Under DDoS Attack

Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish…

March 31, 2021Juliana Lewis

The Importance of Website Backups

Today is World Backup Day. This date was created to remind people of the importance of having backups set up for everything that matters. I am pretty sure your website falls into the category of precious digital…

March 25, 2021Mike Martens

How Do Websites Get Hacked?

As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do in keeping the web –…

March 3, 2021Luke Leal

Trojan Spyware and BEC Attacks

When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human…

February 12, 2021Marc Kranat

UCEPROTECT: When RBLs Go Bad

Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these…

February 9, 2021Marc Kranat

Optimizing Performance and Behavior with WordPress and the Sucuri WAF

Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing…

February 2, 2021Denis Sinegubko

Whitespace Steganography Conceals Web Shell in PHP Malware

Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files. At first glance, these injections didn’t appear to contain anything except…

January 26, 2021Luke Leal

Phishing & Malspam with Leaf PHPMailer

It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click a phishing URL or download…

January 19, 2021Rodrigo Escobar

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of these patterns allows us to…

January 14, 2021Luke Leal

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our…