Who Really Owns Your Website? “Please Stop Hotlinking My Easing Script — Use a Real CDN Instead.”
Daniel Cid For the last few days, we have had some customers come to us worried thinking that their websites were compromised with some type of pop-up…
Browsing Category
Security Education
679 posts
Joomla Version 2.5.10 Released – Security Updates
Tony Perez This morning the Joomla development team released a new version of the Joomla platform. This is a Security release, so please be sure to update…
Update WP Super Cache and W3TC Immediately – Remote Code Execution Vulnerability Disclosed
Shame on us for not catching this a month ago when it was first reported, but it seems that two of the biggest caching plugins…
Cyber Criminals Take Advantage of Recent Boston Attack with SPAM
It pains me to write about this at all, but as despicable as this might appear, cyber criminals have started to take advantage of those…
The WordPress Brute Force Attack Timeline
Authored by Daniel Cid, Tony Perez. We have been blogging about the massive brute force attacks against WordPress websites over the past few days, today…
WordPress Malicious Plugin – WPPPM – Abusing 404 Redirects with SEO Poisoning
Bruno Borges, of our security team, came across an interesting case this week, in which a WordPress plugin was abusing the 404 rewrite rules and…
Brute Force Attacks and Their Consequences
There is a lot of interesting discussion across the interwebs on the intention of the latest string of brute force attacks. While I can’t repudiate…
Protecting Against WordPress Brute-Force Attacks
It was not long ago that I was sitting on a call with other members of the WordPress community in which we were talking abou…
WordPress Security Presentation by Tony Perez
Tomorrow I will be flying to my hometown (Miami) to give a Website Security presentation to a bunch of enthusiastic online professionals at an event…
Comment SPAM Bad Neighborhood Analysis (2013-Mar)
We track and block a lot of comment SPAM via our WordPress plugin and our CloudProxy WAF. One thing we noticed is that the majority…
Virtual Hardening with Sucuri CloudProxy
If you read our blog you know that we are really open to providing insight into malware infections, remediation and hardening tips. The goal is…