Mysterious Zencart Redirects Leverage HTTP Headers
Denis Sinegubko About a week ago we got an interesting Zencart case. Being that we don’t often write about Zencart we figured it’d be good time to…
Browsing Category
Security Education
679 posts
Layer 7 DDOS – Blocking HTTP Flood Attacks
Daniel Cid There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and…
Zero Day Vulnerability in OpenX Source 2.8.11 and Revive Adserver 3.0.1
David Dede If you are using OpenX or the new Revive Adserver (fork of OpenX), you need to update it ASAP. Florian Sander discovered a serious SQL…
Understanding Google’s Blacklist – Cleaning Your Hacked Website and Removing From Blacklist
Fioravante Souza Today we found an interesting case where Google was blacklisting a client’s site but not sharing the reason why. The fact they were sharing very…
Google Bots Doing SQL Injection Attacks
One of the things we have to be very sensitive about when writing rules for our CloudProxy Website Firewall is to never block any major…
Understanding Search Engine Warnings – Part I – Google – This Site May Be Hacked
If you have any questions about malware, blacklisting, or security in general, send them to us: contact@sucuri.net and we will answer here. For all the…
Cleaning Up Your WordPress Site with the Free Sucuri Plugin
Update 9/9/16: We released a new guide to cleaning a hacked WordPress site with our plugin. If your site has been recently hacked and you…
WHMCS SQL Injection Vulnerability in the Wild
A few days ago, a zero-day SQL injection vulnerability in WHMCS was disclosed by localhost.re, along with the exploit code. It was quickly patched by…
CloudProxy WAF – September Report
*By Tony Perez and Daniel Cid As many of you are aware we released a website protection tool, CloudProxy WAF/IDS, at the beginning of the…
Ask Sucuri: Non-Alphanumeric Backdoors
If you have any questions about malware, blacklisting, or security in general, send them to contact@sucuri.net and we will write a post about it and…
Big Increase in Distributed Brute Force Attacks Against Joomla Websites
Update: Brute force protection now available: http://cloudproxy.sucuri.net/brute-force-protection A few months ago, we discussed and published details about a very large brute force attack targeting WordPress…