Personal Online Security – Account Management
Victor Santoyo Continuing a series on how to better strengthen your personal online privacy, we are looking to take personal inventory of how we connect online. These…
Browsing Category
Website Security
1024 posts
Fake AmeriCommerce Shopping Cart
Denis Sinegubko Our malware analyst Liam Smith recently found malware on a client’s site that targets ecommerce sites powered by AmeriCommerce software. A popular ecommerce software solution…
Malicious JavaScript Used in WP Site/Home URL Redirects
Luke Leal Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to…
Simple WAF Evasion Backdoor
Our team recently located a malicious PHP file on a compromised website which claims to evade web application firewalls, with the intention of downloading a…
DoS Tool: 403.php
One of our analysts, Kaushal Bhavsar, found a malicious DoS file within a compromised website’s filesystem under the filename 403.php. Aptly named after 403 error…
Zen Cart “PayPal” Skimmer
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information…
Authentication Bypass Vulnerability in InfiniteWP Client <= 1.9.4.4
Marc-Alexandre Montpas An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to…
Clean Logs After Rooting Bash Script
During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…
Top 10 Sucuri Research Articles in 2019
Justin Channell As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides…
What is Cross-Site Contamination?
Juliana Lewis How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about,…
Why 2FA SMS is a Bad Idea
Editorial: This post was last updated 13th, 2022. What is 2FA? Two-factor authentication (2FA) offers a second layer of security to help protect an account…