• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Black Hat Tactics

WordPress Continues to Fall Victim to Carding Attacks

April 14, 2021Ben Martin

WordPress Continues to Fall Victim to Carding Attacks

Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all online stores. Over recent years, attackers whose goal it is to fradulently obtain credit card information have mostly focused on…

Read More about WordPress Continues to Fall Victim to Carding Attacks

How to know if you are under ddos attack

April 7, 2021Stephen Johnston

How to Know If You Are Under DDoS Attack

Nowadays, the term DDoS probably raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they do know the effect: an extremely sluggish…

Read More about How to Know If You Are Under DDoS Attack

PHP repository exploited by hackers

March 29, 2021Antony Garand

PHP Repository Exploited by Hackers

The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject a backdoor into it. Thankfully,…

Read More about PHP Repository Exploited by Hackers

How do websites get hacked

March 25, 2021Mike Martens

How Do Websites Get Hacked?

As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do in keeping the web –…

Read More about How Do Websites Get Hacked?

Trojan Spyware and BEC Attacks

March 3, 2021Luke Leal

Trojan Spyware and BEC Attacks

When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human…

Read More about Trojan Spyware and BEC Attacks

Backdoor SQL Trigger

February 25, 2021Luke Leal

SQL Triggers in Website Backdoors

Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user…

Read More about SQL Triggers in Website Backdoors

February 12, 2021Marc Kranat

UCEPROTECT: When RBLs Go Bad

Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these…

Read More about UCEPROTECT: When RBLs Go Bad

Backdoors in Malicious Plugins

February 2, 2021Denis Sinegubko

Whitespace Steganography Conceals Web Shell in PHP Malware

Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files. At first glance, these injections didn’t appear to contain anything except…

Read More about Whitespace Steganography Conceals Web Shell in PHP Malware

Phishing Campaign

January 26, 2021Luke Leal

Phishing & Malspam with Leaf PHPMailer

It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click a phishing URL or download…

Read More about Phishing & Malspam with Leaf PHPMailer

Labs Note

January 21, 2021Luke Leal

Magento PHP Injection Loads JavaScript Skimmer

A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP injection in one of the…

Read More about Magento PHP Injection Loads JavaScript Skimmer

Phishing Campaign

January 14, 2021Luke Leal

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our…

Read More about Real-Time Phishing Kit Targets Brazilian Central Bank

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.