• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Server Security

February 12, 2021Marc Kranat

UCEPROTECT: When RBLs Go Bad

Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these services to verify whether servers and IP addresses are sending spam or other abusive content…

Read More about UCEPROTECT: When RBLs Go Bad

Hybrid Skimmers

June 5, 2020Denis Sinegubko

Evasion Tactics in Hybrid Credit Card Skimmers

The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by…

Read More about Evasion Tactics in Hybrid Credit Card Skimmers

PinnacleCart Server-Side Skimmer & Backdoor

May 15, 2020Luke Leal

WordPress Malware Collects Sensitive WooCommerce Data

During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in a compromised hosting environment. These…

Read More about WordPress Malware Collects Sensitive WooCommerce Data

PinnacleCart Server-Side Skimmer & Backdoor

April 22, 2020Denis Sinegubko

PinnacleCart Server-Side Skimmers and Backdoors

While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online stores with large user-bases. This…

Read More about PinnacleCart Server-Side Skimmers and Backdoors

WordPress Database Bruteforce

March 11, 2020Denis Sinegubko

WordPress Database Brute Force and Backdoors

We regularly talk about brute force attacks on WordPress sites and explain why WordPress credentials should always be unique, complex, and hard to guess. However, the WordPress login is not…

Read More about WordPress Database Brute Force and Backdoors

August 6, 2019Denis Sinegubko

Autoloaded Server-Side Swiper

Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily detected by simply scanning the…

Read More about Autoloaded Server-Side Swiper

June 19, 2019Luke Leal

Cryptomining Dropper and Cronjob Creator

Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when…

Read More about Cryptomining Dropper and Cronjob Creator

PCI Compliance

March 11, 2019Victor Santoyo

PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

Update: Read our new PCI Compliance guide. Welcome to the seventh post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how…

Read More about PCI for SMB: Requirement 10 & 11 – Regularly Monitor and Test Networks

Improve your website security posture

August 30, 2018AJ Syed Ali

How to Improve Your Website Security Posture – Part II

In the first post of this series, we discussed some of the main website security threats. Knowing the website security environment is a vital part of a good website posture….

Read More about How to Improve Your Website Security Posture – Part II

Core Integrity Checksum for WordPress

August 28, 2018Gerson Ruiz

Core Integrity Verifications

In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques including whitelists, blacklists, and…

Read More about Core Integrity Verifications

Cryptominers, Variants, and Removal

August 2, 2018Tyler Lancy

Cryptominers: Binary-Process-Cron Variants and Methods of Removal

This post provides a brief overview of how to manually remove server-side cryptominers and other types of Binary-Process-Cron malware from a server. Unlike browser-based JavaScript cryptominers that have been injected…

Read More about Cryptominers: Binary-Process-Cron Variants and Methods of Removal

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.