Clever SEO Spam Injection
Pedro Peixoto It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one…
Browsing Category
Website Security
1031 posts
Naughty or Nice Websites
Juliana Lewis Santa Claus is coming! Was your website naughty or nice this year? Here is a quick checklist of the top 10 bad things that can…
Fake Volkswagen Campaign Spreads Through Social Networks
Peter Gramantik We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offering 20 free…
Localization and Customization of Credit Card Stealing Malware
Denis Sinegubko Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion…
Array String Obfuscation
Luke Leal We continue to see an increase in the number of these PHP injections that use multiple obfuscation methods to evade detection, but lately one method…
Fear, Uncertainty, and Doubt
Ben Martin There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and doubt. This practice…
Navigating Data Responsibility
Victor Santoyo As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data…
A Scam-Free Cyber Monday for Online Businesses
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday…
PCI for SMB: Requirement 9 – Implement Strong Access Control Measures
Update: Read our new PCI Compliance guide. Welcome to the sixth post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS.…
Real-Time Fine-Tuning of the WAF via API
Northon Torga Though the Sucuri Firewall is simple to set up and protects your website immediately, it’s possible to have granular control of the WAF by using…
Hackers Change WordPress Siteurl to Pastebin
Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to erealitatea[.]net.…