ImageMagick Remote Command Execution Vulnerability
Daniel Cid ImageMagick is a popular software used to convert, edit and manipulate images. It has libraries for all common programming languages, including PHP, Python, Ruby and…
Security Advisory: Stored XSS in bbPress
Marc-Alexandre Montpas During regular research audits of our Sucuri Firewall, we discovered a Stored XSS vulnerability affecting the bbPress plugin for WordPress which is currently installed on…
Cloned Websites Stealing Google Rankings
Cesar Anjos We often speak of black hat SEO tactics and content scraping sites are just one example of such tactics. Scraping is the act of copying…
Credit Card Stealer on osCommerce
Ahmad Azizan Idris We regularly detect malware that targets payment modules on compromised ecommerce websites, mainly on Magento. Recently we’ve stumbled upon the same threat on osCommerce. The…
How to Find & Fix Mixed Content Issues with SSL / HTTPS
Tony Perez Update: If you need help transitioning your website from HTTP to HTTPS, check out our guide on how to install an SSL certificate. What is Mixed…
Excessive Resource Usage by Replica Spam
Bruno Zanelato Chinese replica spam campaigns aim for large number of doorways per infected site. And quite often their doorways are static, which means hundreds of thousands…
SEO Spam Technique Designed to Avoid Detection
Peter Gramantik Ten years ago the internet looked very different than it does now. Today, web designers have more options and standards to make a website stand…
Ask Sucuri: What is an XSS Vulnerability?
Rodolfo Assis Question: What is an XSS vulnerability? Should I be concerned about an XSS vulnerability? XSS (short for Cross-Site Scripting) is a widespread vulnerability that affects…
Invisible WordPress Posts
Denis Sinegubko A compromised website is perfect for placing black hat SEO doorways. Usually hackers either create such doorways as static files in deep subdirectories or use…
Ask Sucuri: Differentiate Between Security Firewalls
Question: How should a website owner differentiate between firewalls? What do they do? The term “firewall” is not new. It is common terminology in the…
Malicious Cron Jobs
Krasimir Konov You may remove malware from files and a database, close all security holes, change all passwords, but your site still gets reinfected regularly. It may…