Sucuri CloudProxy WAF – Fake Bots Explained
Daniel Cid One of the most common questions we have been getting since launching our CloudProxy WAF is regarding bot activity and why it appears that we…
Auto Generated IFrames To Blackhole Exploit Kit – Following the Cookie Trail
We often talk about websites being compromised and injected with malware that redirect users to exploit kits. We unfortunately don’t give you a complete picture…
Malaysian Election and DDOS
David Dede Malaysia is having an election this weekend that has been surrounded by issues. We won’t go into the politics, but one of our client’s sites…
W3 Total Cache and WP Super Cache Vulnerability Being Targeted in the Wild
Tony Perez As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we…
Who Really Owns Your Website? “Please Stop Hotlinking My Easing Script — Use a Real CDN Instead.”
For the last few days, we have had some customers come to us worried thinking that their websites were compromised with some type of pop-up…
Game of Coins: The Uprise of Bitcoin Mining
Dre Armeda Research by Daniel Cid. Authored by Dre Armeda. One thing you can’t take away from some of the attackers we deal with everyday is their…
Apache Web Server Attacks Continue to Evolve
For the past few months we have seen a gradual increase in server-level compromises. In fact, every week it seems we’re handling half a dozen…
LivingSocial Hacked — More Than 50 Million Accounts Compromised
Just as we were thinking we were going to avoid any major enterprise compromises this week, LivingSocial announces that it has been compromised and some…
Apache Binary Backdoors on Cpanel-based servers
For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites.…
Joomla Version 2.5.10 Released – Security Updates
This morning the Joomla development team released a new version of the Joomla platform. This is a Security release, so please be sure to update…
Update WP Super Cache and W3TC Immediately – Remote Code Execution Vulnerability Disclosed
Shame on us for not catching this a month ago when it was first reported, but it seems that two of the biggest caching plugins…