X-Cart Skimmer with DOM-based Obfuscation
Denis Sinegubko Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located…
Browsing Category
Website Security
1020 posts
Massive WordPress JavaScript Injection Campaign Redirects to Ads
Krasimir Konov Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam…
Examining Emerging Malware: Website Backdoors
Ben Martin Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…
Manually Identifying an X-Cart Credit Card Skimmer
Liam Smith During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page.…
WooCommerce Credit Card Skimmers Concealed In Fake Images
Matt Morrow Our research and remediation teams have noticed an increase in WooCommerce credit card skimmers on client sites over the past few years, as detailed in…
Hacked Website Threat Report 2021
Our 2021 Website Threat Research Report details our findings and analysis of emerging and ongoing trends and threats in the website security landscape. We’ve put…
WordPress Vulnerabilities & Patch Roundup — April 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Keeping Up With PHP Updates
Ashley Sand Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client…
Poodle and Doodle, FUD and the Sucuri WAF
Marc Kranat On any given day, Sucuri sees thousands of clients go through the PCI compliance process. The requirements outlined by the Payment Card Industry Data Security…
The Case for 2FA by Default for WordPress
Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered…
WordPress Overtakes Magento in Credit Card Skimmers
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for…