Analyzing Proxy Based Spam Networks


We are no strangers to Blackhat SEO techniques, we've actually spent a great deal of time working and sharing various bits of information related to Blackhat SEO techniques over the years. What we haven't shared, however, is the idea of Proxy-based
Read More

WordPress Brute Force Attacks – 2015 Threat Landscape

Screen Shot 2015-09-15 at 9.33.24 AM

One of the first server-level compromises I had to deal with in my life was around 15 years ago, and it was caused by an SSH brute force attack. A co-worker set up a test server and chose a very weak root password. A few days later, the box was
Read More

Ask Sucuri: How to Create Website Backups?


Recently I had the good fortune of being able to present at Wordcamp Vancouver 2015. My presentation was titled ‘Why Security Matters‘ and I mentioned website backups several times. One of the people who attended asked me a great question: I backup m
Read More

Malicious Google Search Console Verifications

Doorway script with Google verification file

This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search Console (formerly Webmaster Tools). Google Search Console provides really useful i
Read More

Analyzing Popular Layer 7 Application DDoS Attacks


Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a while. All types of sites, from small to big, have been taken down and kept offline because of them. Even over-provisioned servers can be taken offline by
Read More

Demystifying File and Folder Permissions

File and Folder Permissions

If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the same core ideas. The file permissions in Linux, Mac, and Windows computers are very similar to
Read More

FunWebProducts UserAgent Bloating Traffic


Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites get hacked. Sometimes though, the answer is not clear and we can only gather clues to make an
Read More

Wigo Means Bingo for Blackseo Agent


This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst',$_SERVER['REQUEST_URI'])) { error_reporting(0); include ('license.txt'); exit(); } The
Read More

Persistent XSS Vulnerability in WordPress Explained

Security Risk: Dangerous Exploitation level: Easy DREAD Score: 6/10 Vulnerability: Persistent XSS Patched Version:  4.2.4 Last week the WordPress team released a patch that fixed 6 security vulnerabilities. Of the six, you'll find one  that we
Read More

Ask Sucuri: How Did My WordPress Website Get Hacked? – A Tutorial


With the proliferation of Infrastructure and Platform as a Service providers, it is no surprise that a majority of today's websites are hosting in the proverbial cloud. This is great because it allows organizations and individuals alike to quickly
Read More