Spotlight: Website Security Response for Photographers
Alycia Mitchell It takes a lot of bravery to create a small business. Putting yourself out there and taking risks is not for the faint of heart.…
Browsing Category
WordPress Security
654 posts
Fake bb_press Plugin Redirects to Mobile Pornography
Fernando Barbosa When a website is hacked, we often find that attackers have injected multiple backdoors, web shells, and malicious code that allows them to regain access…
Hooking WordPress Class to Hide Malicious Users
John Castro When a website is compromised, attackers perform post-exploitation tasks to maintain access to the site for as long as possible. One of these actions is…
Hacked Website Report – 2016/Q3
Daniel Cid Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri…
Exploited Script in WordPress Theme Sends Spam
Rodrigo Escobar Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to…
Cloned Spam Sites in Subdirectories
In a recent post, we covered how attackers were abusing server resources to create WordPress sites in subdirectories and distribute spam. By adding a complete…
New XM1RPC SEO Spam and Backdoor Campaign
We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1RPC campaign…
Learning From Buggy WordPress Wp-login Malware
Denis Sinegubko When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up…
Malicious WordPress Subdirectory Installs For SEO Spam
Remediating over 500 infected sites per day, we see attacks executed at varying levels of complexity. The tactics attackers use to compromise a site provide…
WordPress Hack Modifies Core Files to Share Spam
Bruno Zanelato One of the worst feelings a website owner can experience is discovering that your site has been hacked. Without proper security measures in place, even…
Hacked Website Report – 2016/Q2
Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights…