Website Security News
Learn about the latest website security news from our research and incident response teams. Find out about emerging website malware campaigns and the best steps to protect your site from hackers. To learn more check out the series of website security guides created by our team.
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page. This irritating pop-up didn’t come from malware placed in the website’s files or database, but rather from a…
Read More about How Domain Expiration Can Potentially Disrupt Other Websites
A DDoS (Distributed Denial of Service) is an attack that focuses on making the website unavailable to its legitimate users. DDoS attacks can produce service interruptions, introduce large response delays, and…
Read More about The Largest DDoS Attacks & What You Can Learn From Them
At Sucuri, we understand that most web professionals and web agencies ultimately need to make their clients part of the decision-making process for choosing to secure their sites. Overall, website…
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else. Cyber…
Read More about What Hackers Do after Gaining Access to a Website
In my years of experience working alongside agencies, I’ve realized that managed providers and other web pros who offer website maintenance to their clients, have a hard time convincing them…
Read More about How to Create a Website Maintenance Plan & Contract
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a…
Last year we saw a fairly massive Magento malware campaign that injected credit card stealing code similar to this: It uses the JavaScript atob function to decode base64-encoded domain names…
Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily detected by simply scanning the…
During a recent cleanup, we found an interesting malicious WordPress plugin, “WP Security”, that was being used to encrypt blog post content. The website owner complained of a newly installed…
Read More about Malicious Plugin Used to Encrypt WordPress Posts
Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it as the ice cream which…
Hardening is the process of securing a website or system against known security weaknesses or potential issues to reduce the attack surface. The more functions or features a website has,…
