WP-CLI Guide: Secure WordPress Backup and Update


Welcome to our second post in the series on WP-CLI for WordPress management over SSH. In our previous post, we discussed how to get your SSH credentials and use WP-CLI to connect to your website over the command line. Before we get into changing
Read More

Webutation Distributing Malware Through Safety Badge


If you are using the Webutation badge on your site, remove it now. It appears they got hacked and are distributing malware to mobile devices through redirects hidden within the badge's code. We were analyzing a website that was compromised and
Read More

WP-CLI Guide: Connect to WordPress via SSH Intro


Do you use the WordPress dashboard to update plugins and themes? How do you back up your database? If you have not used it yet, WP-CLI is an efficient way to manage your WordPress installation using a command line interface, meaning you type text
Read More

10 Years of Joomla! – Supporting JoomlaDay Minnesota


As Joomla prepares to celebrate its 10 year anniversary, we want to be certain to join in the festivities. Why? Because open source platforms allow individuals to better support their families, capitalize on time at home, and maximize earning
Read More

Common Website Security Terminology Defined

Common wordpress risks and issues

If you want to keep your website safe, it is important to understand the website security terminology used to describe the causes and effects of hacks. Software vulnerabilities and access control issues are two of the main causes of website
Read More

Analyzing a Facebook Clickbait Worm


Here at Sucuri we suspect everything, especially when your friends start to share content written in another language with clickbait headlines. Malicious Facebook posts are one way that hackers can use social engineering to attract and attack
Read More

Magento Platform Targeted By Credit Card Scrapers


We’ve been writing a lot about ecommerce hacks and PCI Compliance recently. The more people buy things online, the more of an issue this will be come and the more important it will be to talk about it. We live in an online world where a single mi
Read More

Websites Hacked Via Website Backups


The past few months we've been spending a good deal of time talking about backups. This is for good reason, they are often your safety net when things go wrong; interestingly enough though, they are often the forgotten pillar of security. It's why we
Read More

10 Tips to Improve Your Website Security


In recent years there has been a proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joomla!, Drupal and so many other allow business owners to quickly and efficiently build their
Read More

Security Advisory: Object Injection Vulnerability in WooCommerce

The get_paypal_order method

Security Risk: Dangerous Exploitation Level: Easy/Remote DREAD Score: 8/10 Vulnerability: Object Injection Patched Version:  2.3.11 During a routine audit for our WAF, we discovered a dangerous Object Injection vulnerability in WooCommerce
Read More