Unraveling Authentication and Authorization in Web Security
Kyle Knight Authentication and authorization – they sound alike, often get used interchangeably, and are absolutely crucial for web application security. But let’s be real, getting them…
WordPress Vulnerability & Patch Roundup September 2024
Sucuri Malware Research Team Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
How to Know if Your Website Is Hacked
Whether you manage a gaming blog, an e-commerce platform, or an enterprise-level website you probably want to be able to detect infections when they occur.…
7 Steps to Remove Malware from WordPress
If you’ve ever had your website compromised by malware, you know the sheer panic it can cause. But don’t worry, you’re not alone. More importantly…
Woo Skimmer Uses Style Tags and Image Extension to Steal Card Details
Ben Martin This post starts the same way many others do on this blog, and it will be familiar to those who keep up with website security:…
SiteCheck Remote Website Scanner — Mid-Year 2024 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote website scanners may not…
WordPress Vulnerability & Patch Roundup August 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
12 Best Practices to Secure Your WordPress Login Page
WordPress powers a significant portion of websites on the internet. With this popularity comes the need for strict security measures, especially for the login page.…
WordPress Websites Used to Distribute ClearFake Trojan Malware
Unfortunately, scams are all over the place, and anybody who has surfed the web should know this. We’ve all gotten phishing emails, or redirected to…
The Security Risks of Using Nulled WordPress Plugins
The prospect of obtaining premium features without spending a dime is tempting. Nulled WordPress plugins and themes, often being advertised as the no cost versions…
PrestaShop GTAG Websocket Skimmer
During a recent investigation we uncovered another credit card skimmer leveraging a web socket connection to steal credit card details from an infected PrestaShop website.…