Attacks on Closed WordPress Plugins
John Castro The WordPress plugin repository team may “close” plugins and restrict downloads when they become aware of a security issue that the developer cannot fix quickly.…
Browsing Category
Website Security
1031 posts
ThinkPHP 5.x – Remote Code Execution Actively Exploited In The Wild
Earlier this year, we noticed an increase in attacks aiming at ThinkPHP. ThinkPHP is a PHP framework that is very popular in Asia. If you…
DDoS Targeting WordPress Search
Northon Torga Have you ever stopped to think about how many resources a search engine has or if your website could handle the same amount of search…
Malware Campaigns Sharing Network Resources: r00ts.ninja
Luke Leal We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign…
April Fool’s Day – TYPO3 Overtakes WordPress as Most Attacked CMS Due to Popularity
Val Vesa Disclaimer: This is an April Fool’s Day blog post and not all the information below is accurate. If you are looking for updated information on…
Conditional redirection to an online pharmacy store
Moe O During an investigation, a client reported some weird behavior from all incoming visits during their Google search engine result clicks are instantly redirected to an…
How to Choose a Website Security Provider
Josh Hammer As more people are creating websites and becoming aware of website security, companies are popping up everywhere to help with the problem. And just like…
![More on Dnsden[.]biz Swipers and Radix Obfuscation](https://blog.sucuri.net/wp-content/uploads/2019/03/03192019-uncommon-radixes-uses-in-malware-obfuscation-update_blog-390x183.jpg)
More on Dnsden[.]biz Swipers and Radix Obfuscation
Denis Sinegubko After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3 #EKFiddle [Regex update]:…
Arbitrary Directory Deletion in WP-Fastest-Cache
Marc-Alexandre Montpas The WP-Fastest-Cache plugin authors released a new update, version 0.8.9.1, fixing a vulnerability (CVE-2019-6726) present during its install alongside the WP-PostRatings plugin. According to seclists.org:…
Uncommon Radixes Used in Malware Obfuscation
Some JavaScript features allow for pretty interesting obfuscation techniques. For example, did you know that virtually any English word can be used as a valid…
PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks
Victor Santoyo Update: Read our new PCI Compliance guide. Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS.…