What is Cookie Hijacking
Cesar Anjos Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive…
WordPress Maintenance: Tasks & Best Practices
Rianna MacLeod If you’re managing a WordPress site, it’s crucial to ensure it runs smoothly and securely. Many site owners worry that WordPress maintenance is a complex…
How to Set Up a Content Security Policy (CSP)
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from…
How to Harden WordPress With WP-Config & Avoid Data Exposure
Luke Leal What is wp-config.php? The wp-config.php file is a powerful core WordPress file that is vital for running your website. It contains important configuration settings for…
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
Matt Morrow In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code —…
Web Shells: Types, Mitigation & Removal
Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These…
Web shell downloader – simple attempt to avoid detection
Yuliyan Tsvetkov When dealing with compromised scenarios, our team has to be very thorough to remove all pieces of malware in the infected website. Most of the…
What is Steganography? (Or, How Hackers Hide Malware On Websites)
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to…
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS
Puja Srivastava We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise
Ben Martin A new client recently came to us reporting seemingly random pop ups occurring on their website. While it was clear that there was something amiss…
WordPress Vulnerability & Patch Roundup March 2024
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…