Browser Extension Bug Leads to Post Injection
Cesar Anjos A few years ago, we saw how a browser extension introduced a threat to serve unwanted ads. Today, the number of browser extensions available to…
Hardening WordPress on Apache, Nginx, or IIS
Alycia Mitchell Server configuration files allow administrators to restrict access and make changes at the server level. Depending on the server software you use, there are different…
Hiding Malware Inside Images on GoogleUserContent
Denis Sinegubko If you have been following our blog for a long time, you might remember us writing about malware that used EXIF data to hide its…
Using Innocent roles to hide admin users
All across the internet we find guides and tutorials on how to keep your WordPress site secure, and they all approach the concept of user…
Persistent Malicious Redirect Variants
Peter Gramantik It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to…
WordPress Update – 4.9.7 Security & Maintenance Release
Marc-Alexandre Montpas The WordPress team has just released a critical security and maintenance update to resolve a number of bugs and security issues. Included in this release…
CoinImp Cryptominer and Fully Qualified Domain Names
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www”…
Google and Facebook Used in Phishing Campaigns
Fioravante Souza We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types…
Sucuri Enhances Security by Disabling TLS Version 1.0 and 1.1
Daniel Cid Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we are fully committed to complying with the PCI…
What are Website Backdoors?
Juliana Lewis When a site gets compromised, the attackers will often leave some piece of malware behind to allow them access back to the site. Hackers want…
Why You Should Care about Website Security on Your Small Site
Krasimir Konov Most people assume that if their website has been compromised, there must have been an attacker evaluating their site and looking for a specific vulnerability…