“Play One” Hidden Style Obfuscation
Denis Sinegubko For many years, spam injections placed inside legitimate pages remain one of the prevalent types of black hat SEO hacks that we clean. Hackers constantly…
How to Secure Websites for Clients
Dre Armeda In our last webinar, How To Account For Security With Customer Projects, I spoke about maintenance and sustainment contracts – specifically how to use them…
Unrestricted Backend Login Backdoor on OpenCart
Cesar Anjos From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. We call them backdoors. Backdoors can be done in different…
Hidden iframe Injected into WordPress core file
Krasimir Konov Injecting malware into core files of CMS installations is one of the techniques attackers use. From the user’s perspective, it is easier to detect and…
Exploited Script in WordPress Theme Sends Spam
Rodrigo Escobar Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to…
Image defacement hides content from search engines
Yuliyan Tsvetkov Website defacement is still a big issue for various website owners. It directly impacts on your online presence / visibility and as a consequence, it…
Geo location and Credit Card data been stolen from Magento
Lately, we’ve uncovered and detailed lots of techniques being used against e-commerce platforms to steal sensitive information, mostly credit card and login credentials. With the…
Ask Sucuri: Can Your cPanel Page Be Maliciously Redirected?
Luke Leal Many webmasters may not be aware that hackers are able to maliciously redirect cPanel pages. The specific tactic we describe in this article is unique.…
Spam SEO Injector Circumventing Defense Techniques
I was assisting a client with their compromised website and came across a file called unsave.php that was primarily used to inject a rewrite into…
Spotlight: How StreetHunters Fixed a Website Hack
Alycia Mitchell Two years ago, we started compiling reviews from Sucuri customers. Today we have over 60 case studies, most of them from web developers and designers.…
Malware DB Injection called via theme file
Attackers use different techniques to distribute SPAM in a compromised website. Most of the time they choose the file structure to inject the malicious code…