Highly Effective Joomla Backdoor with Small Profile
Fioravante Souza It feels like every day we’re finding gems, or what appear to be gems to us. We try to balance the use of the term,…
Browsing Category
Security Education
681 posts
Sucuri CloudProxy Website Firewall Improvements
Daniel Cid If you are are a regular reader of our blog you probably know about our CloudProxy Website Firewall, it launched publicly a year ago. Since…
Mysterious Zencart Redirects Leverage HTTP Headers
Denis Sinegubko About a week ago we got an interesting Zencart case. Being that we don’t often write about Zencart we figured it’d be good time to…
Layer 7 DDOS – Blocking HTTP Flood Attacks
There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and…
Zero Day Vulnerability in OpenX Source 2.8.11 and Revive Adserver 3.0.1
David Dede If you are using OpenX or the new Revive Adserver (fork of OpenX), you need to update it ASAP. Florian Sander discovered a serious SQL…
Understanding Google’s Blacklist – Cleaning Your Hacked Website and Removing From Blacklist
Today we found an interesting case where Google was blacklisting a client’s site but not sharing the reason why. The fact they were sharing very…
Google Bots Doing SQL Injection Attacks
One of the things we have to be very sensitive about when writing rules for our CloudProxy Website Firewall is to never block any major…
Understanding Search Engine Warnings – Part I – Google – This Site May Be Hacked
If you have any questions about malware, blacklisting, or security in general, send them to us: contact@sucuri.net and we will answer here. For all the…
Cleaning Up Your WordPress Site with the Free Sucuri Plugin
Update 9/9/16: We released a new guide to cleaning a hacked WordPress site with our plugin. If your site has been recently hacked and you…
WHMCS SQL Injection Vulnerability in the Wild
A few days ago, a zero-day SQL injection vulnerability in WHMCS was disclosed by localhost.re, along with the exploit code. It was quickly patched by…
CloudProxy WAF – September Report
*By Tony Perez and Daniel Cid As many of you are aware we released a website protection tool, CloudProxy WAF/IDS, at the beginning of the…