E-Commerce Security – Planning for Disasters
Victor Santoyo This is the last post in our series on E-commerce Security: Intro to Securing an Online Store – Part 1 Intro to Securing an Online…
Browsing Category
Website Security
1031 posts
Backdoor Uses Paste Site to Host Payload
Bruno Zanelato Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is found…
Outdated Duplicator Plugin RCE Abused
Peter Gramantik We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked…
Unsuccessfully Defaced Websites
Luke Leal Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages…
New Guide on How to Use the Sucuri WordPress Security Plugin
Juliana Lewis Sucuri has always been active in the WordPress community. We’ve attended WordCamps around the world, created tools and features specifically for WordPress, and have maintained…
“Google Fonts” popup leads to malware
A recent malware injection in a client\’s WordPress file was found to be targeting website visitors that were using the Google Chrome browser to access…
PCI for SMB: Requirement 5 & 6 – Maintain a Vulnerability Management Program
Update: Read our new PCI Compliance guide. This is the fourth post in a series of articles on understanding the Payment Card Industry Data Security…
WordPress Database Upgrade Phishing Campaign
Denis Sinegubko We have recently been notified of phishing emails that target WordPress users. The content informs site owners that their database requires an update and looks…
How to Improve Your Website Security Posture – Part II
AJ Syed Ali In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part…
Core Integrity Verifications
Gerson Ruiz In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several…
Fake Font Dropper
Moe O Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior…