Unraveling Authentication and Authorization in Web Security
Kyle Knight Authentication and authorization – they sound alike, often get used interchangeably, and are absolutely crucial for web application security. But let’s be real, getting them…
Browsing Tag
Permissions
13 posts
Fake WordPrssAPI Stealing Cookies and Hijacking Sessions
Cesar Anjos Cookies are stored in the user’s browser to track behavior on a specific website. They also keep a user logged in during the active browsing…
Ask Sucuri: Can Your cPanel Page Be Maliciously Redirected?
Luke Leal Many webmasters may not be aware that hackers are able to maliciously redirect cPanel pages. The specific tactic we describe in this article is unique.…
Learning From Buggy WordPress Wp-login Malware
Denis Sinegubko When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up…
Details on the Privilege Escalation Vulnerability in Joomla
Marc-Alexandre Montpas Yesterday, Joomla! 3.6.4 was released, patching a critical privilege escalation and arbitrary account creation vulnerability. As we’ve seen some exploits attempts occurring in the wild,…
Joomla Account Creation Vulnerability
Daniel Cid The Joomla team released a patch for a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these…
Malicious Google Search Console Verifications
This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search…
Demystifying File and Folder Permissions
Alycia Mitchell If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the…
10 Tips to Improve Your Website Security
Keir Desailly In recent years there has been a proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joomla!,…
Website Firewall Update – Introducing 2FA and More
Today we are launching the new and improved Protected Page capability in our Website Firewall. It allows for a simple (1-click) activation of secondary authentication…
Protecting Against WordPress Brute-Force Attacks
Tony Perez It was not long ago that I was sitting on a call with other members of the WordPress community in which we were talking abou…