DoS Tool: 403.php
Luke Leal One of our analysts, Kaushal Bhavsar, found a malicious DoS file within a compromised website’s filesystem under the filename 403.php. Aptly named after 403 error…
Browsing Category
Website Security
1031 posts
Zen Cart “PayPal” Skimmer
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information…
Authentication Bypass Vulnerability in InfiniteWP Client <= 1.9.4.4
Marc-Alexandre Montpas An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to…
Clean Logs After Rooting Bash Script
During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…
Top 10 Sucuri Research Articles in 2019
Justin Channell As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides…
What is Cross-Site Contamination?
Juliana Lewis How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about,…
Why 2FA SMS is a Bad Idea
Editorial: This post was last updated 13th, 2022. What is 2FA? Two-factor authentication (2FA) offers a second layer of security to help protect an account…
The Anatomy of Website Malware Part 2: Credit Card Stealers
Peter Gramantik One of the biggest malicious trends in the last few months and years are credit card stealers — also commonly referred to as credit card…
How Passwords Get Hacked
How many passwords do you use in a given day? Everything on the internet requires a password. It can be tough to keep track of…
5 Year Anniversary of the SoakSoak Malware Tsunami
Denis Sinegubko This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…
How Websites Are Used to Spread Emotet Malware
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to…