Vulnerability Disclosed in SSL 3.0 – This Poodle Bites
Joseph Herbrandson It seems that SSL just cannot stay out of the news. Another vulnerability, this time in SSL 3.0, has been disclosed at the Google Online…
WordPress Websites Continue to Get Hacked via MailPoet Plugin Vulnerability
Daniel Cid The popular Mailpoet(wysija-newsletters) WordPress plugin had a serious file upload vulnerability a few months back, allowing an attacker to upload files to vulnerable sites. This…
Website Attacks – SQL Injection And The Threat They Present
We are starting a new series of articles where we will talk about different active website attacks we are seeing. The first one we will…
Phishing with Help from Compromised WordPress Sites
We get thousands of spam and phishing emails daily. We use good spam filters (along with Gmail) and that greatly reduces the noise in our…
Website Security: A Case of SEO Poisoning
Fernando Barbosa There are so many ways your website can be co-opted by hackers for many different reasons, targeting the value created via your SEO is highly…
Joomla! 3.3.5 Released – Fixing High Priority Security Issues
Update: It seems like there is a glitch in the new version and the Joomla team is urging its users not to upgrade yet. From…
Bash – ShellShocker – Attacks Increase in the Wild – Day 1
The Bash ShellShocker vulnerability was first disclosed to the public yesterday. Just a few hours after the initial release, we started to see a few…
Bash Vulnerability – Shell Shock – Thousands of cPanel Sites are High Risk
The team behind the Bash project (the most common shell used on Linux) recently issued a patch for a serious vulnerability that could allow for…
Security Advisory – Hikashop Extension for Joomla!
Marc-Alexandre Montpas In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…
Website Malware – Curious .htaccess Conditional Redirect Case
Fioravante Souza I really enjoy when I see different types of conditional redirects on compromised sites. They are really hard to detect and always lead to interesting…
Conditional Malicious iFrame Targeting WordPress Web Sites
We have an email address, labs@sucuri.net where we receive multiple questions a day about various forms of malware. One of the most common questions happen…