Website Security News
Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen over two thousand new infected sites since we…
Read More about Malicious JavaScript Used in WP Site/Home URL Redirects
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware. Our security analyst…
As we settle into 2020, it’s a good time to look back at what was learned in the previous year. After all, the past provides valuable lessons for the future….
How many websites do you currently have on your server? If the answer is something along the lines of, “One that I really care about, some older ones that I…
One of the biggest malicious trends in the last few months and years are credit card stealers — also commonly referred to as credit card skimmers or cc stealers. In…
Read More about The Anatomy of Website Malware Part 2: Credit Card Stealers
This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days, the majority of popular content…
Read More about 5 Year Anniversary of the SoakSoak Malware Tsunami
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to spread dangerous malware like Emotet…
Read More about How Websites Are Used to Spread Emotet Malware
Malware obfuscation comes in all shapes and sizes — and it’s sometimes hard to recognize the difference between malicious and legitimate code when you see it. Recently, we came across…
Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye. The malicious domain was abusing the URL shortener service is.gd:…
Read More about Another Fake Google Domain: fonts.googlesapi.com
Sucuri’s focus has always been on educating website owners about the latest threats and vulnerabilities — and much of that depends on our industry-leading research team. As the holiday season…
Read More about Website Security Tips for Black Friday & Cyber Monday
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November…
Read More about Black Friday/Cyber Monday Ecommerce Security Threats
