Keeping Up With PHP Updates
Ashley Sand Staying on top of critical security risks and vulnerabilities is imperative for the safety of your website. Some of the types of threats impacting our client…
Poodle and Doodle, FUD and the Sucuri WAF
Marc Kranat On any given day, Sucuri sees thousands of clients go through the PCI compliance process. The requirements outlined by the Payment Card Industry Data Security…
Critical RCE Vulnerability in Elementor WordPress Plugin
Antony Garand Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was…
Sucuri WordPress Plugin += Sucuri WAF
Victor Santoyo Sucuri has always been a dedicated supporter of the WordPress community. Our free plugin was one of our first contributions to WordPress security (before bootstrapping…
The Case for 2FA by Default for WordPress
Ben Martin Administrator panel compromises are one of the most common attacks that everyday WordPress website admins face. We work with thousands of clients who have encountered…
WordPress Overtakes Magento in Credit Card Skimmers
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for…
WordPress Popunder Malware Redirects to Scam Sites
Over the last year we’ve seen an ongoing malware infection which redirects website visitors to scam sites. So far this year our monitoring has detected…
New Wave of AnonymousFox Cron Jobs
Recently our Remediation and Research teams have noticed a new wave of malicious cron jobs associated with the notorious AnonymousFox malware. The cron jobs are…
Top 5 Topics to Discuss with Clients About Website Security
If you’re a website developer or server administrator it’s always a good idea to inform your clients about the basics in terms of their website’s…
The Mystery Admin User
One of our clients recently submitted a malware removal request with a curious problem: A mystery admin user kept getting re-created on their website. Try…
What are the Best Security Testing Tools (Open Source)?
Seeking a reliable security testing tool can be overwhelming, given how large the opsec environment has grown over these last few years. Given how large…