What is .htaccess Malware? (Detection, Symptoms & Prevention)
Ben Martin The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…
What is php.ini? Where It’s Located, How to Edit & Common Directives
Rianna MacLeod The php.ini file, a critical configuration file containing your web server’s PHP settings, is integral to the functioning of your website. Each time PHP initiates,…
Sucuri WordPress Plugin Updates for 2024
At Sucuri, we believe in making the internet safe for everyone. One way we show this is through our free WordPress security plugin. The Sucuri…
What is File Integrity Monitoring (FIM)?
What is file integrity monitoring? File Integrity Monitoring (FIM) is a security measure that checks and compares files against a known baseline to detect any…
New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
Puja Srivastava In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…
From Web3 Drainer to Distributed WordPress Brute Force Attack
Denis Sinegubko Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects…
What is the Gibberish Hack?
Justin Channell Discovering some random folder with numbers and letters you don’t remember on your website would make any website owner put on their detective cap. At…
What Do Hackers Get By Hacking a Website?
Thousands of sites are hacked on a daily basis. In fact, last quarter alone 267,614 site infections were detected with our SiteCheck remote scanner. One…
How to Find & Remove Malware in Favicon (.ico) Files
When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may…
New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users.…
Is WordPress Secure?
Justin Daniel According to W3Techs, 43.2% of all websites on the internet use WordPress. And of all websites that use a CMS (Content Management System) more than…