Cloud-based (FILE) Integrity Monitoring
David Dede If you are a system administrator or have ever worked with security, you probably heard the terms file integrity monitoring or file integrity checking. If…
Browsing Category
Website Security
1031 posts
Screenshot of the apache.org defacement (10 years ago)
We recently published a case study of the apache.org defacement that happened 10 years ago. You can read it here: Apache.org defaced – Security archive…
Ecuador Government site hacked and spreading malware
Colombia, Venezuela and now Ecuador. How far are we from reporting the whole South America? 🙂 The web site from the ‘Municipio del Cantón Mejía’…
Apache.org defaced – Security archive case study
Security Archive: Remembering security incidents to make sure we don’t commit the same mistakes over and over again. Want to read more stories like this…
The Importance of logging for web applications – Security talk
If you think that your logs are only useful when something crashes or when you need to troubleshoot errors on your web application, think again!…
Honeypot analysis – Full disclosure works
When all else fails, *full disclosure (the process) seems to work. Early in January, we sent a bunch of emails to the people at the…
.ORG whois reporting DNSSEC status
I was glad to see a handful of whois updates today coming from all the .ORGs that we are monitoring at Sucuri. Basically now at…
PHP in the user agent (attacking log analysis tools?)
Lately I started to see a few web-based attacks with a php script inside the user agent. Something like this: a.b.229.82 – – [19/Jan/2010:22:43:39 -0700]…
Amazon.com blacklisted by SpamHaus XBL
Update: Spamhaus contact us to let us know that they removed amazon from the blacklist and are investigating the issue. SPAMHAUS has various blacklists and…
Fingerprinting web applications
This paper describes a technique to remotely detect the version (fingerprint) of a web application. We cover WordPress, Mediawiki and Joomla in the article, but…
Quick Sucuri Update
We are very happy to announce that we reached 5 thousand (yes, 5k) sites being monitored by our Network Integrity Monitor solution. To celebrate, we…