Navigating Data Responsibility
Victor Santoyo As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data…
Side Effects of the Site_url Hack
Denis Sinegubko We\’ve been cleaning many sites infected by the so-called site_url hack–the result of the WP GDPR Compliance plugin vulnerability. The sites are broken because their…
A Scam-Free Cyber Monday for Online Businesses
Juliana Lewis Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday…
PCI for SMB: Requirement 9 – Implement Strong Access Control Measures
Update: Read our new PCI Compliance guide. Welcome to the sixth post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS.…
Real-Time Fine-Tuning of the WAF via API
Northon Torga Though the Sucuri Firewall is simple to set up and protects your website immediately, it’s possible to have granular control of the WAF by using…
Hackers Change WordPress Siteurl to Pastebin
Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to erealitatea[.]net.…
Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability
Pedro Peixoto We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigations show that the issue is…
Website Security Best Practices: 10 Tips to Keep Your Site Safe
Keir Desailly Having a website has become easier than ever due to the proliferation of great tools and services in the web development space. Content management systems…
New WordPress Security Email Course
Rianna MacLeod Recent statistics show that over 32% of website administrators across the web use WordPress. Unfortunately, the CMSs popularity comes at a price — attackers often…
Website Security Tips for Marketers
Alycia Mitchell In our previous post, we have discussed why marketers should have a proactive approach to website security. Today we are going to discuss some security…
Fake Wp.org/jquery.js
There is a long-lasting malware campaign (dating back to at least 2016) that injects fake jQuery scripts: <script type=”text/javascript” src=”hxxps://www.XX[X]wp[.]org/jquery.js”></script> Where XX[X] are 2 or…