The Joomla team just released 2 security updates and pushed out the stable versions for Joomla 2.5.19 and 3.2.3. If you run your site on Joomla, you need to update and apply these patches ASAP to ensure that your site continues to run securely. If you are behind our CloudProxy Firewall, we will virtually patch […]
Archive by Author
Highly Effective Joomla Backdoor with Small Profile
It feels like every day we’re finding gems, or what appear to be gems to us. We try to balance the use of the term, but I can’t lie, these are truly gems. The things they are doing, and by they I mean the attackers, are in some instance ingenious. I think you’ll agree that […]
Sucuri CloudProxy Website Firewall Improvements
If you are are a regular reader of our blog, you probably know about our CloudProxy Website Firewall which launched publicly almost a year ago. Since then, our team has been extremely focused on improving it everyday. If you are not familiar with CloudProxy, I highly recommend reading some of the documentation and benefits of […]
SiteCheck Chrome Extension Now Available
Have you ever wondered if the websites you (or your family) visit contain code that is potentially harmful to you or your computer? If you are a Chrome user, then you’re in luck because we’ve made it much simpler for you to utilize SiteCheck, our website malware scanner. Whether you want to scan your own […]
Malicious iFrame Injections Host Payload on Tumblr
It’s always fun to watch malware developers using different techniques to code their creations. Sometimes it’s a matter of obfuscation, placement, injection, but this time it’s how they code it to be dynamic. I believe this is not the first one that uses this service, but it’s the first time I’m seeing it. Twitter and […]
PHP Backdoors: Hidden With Clever Use of Extract Function
When a site gets compromised, one thing we know for sure is that attackers love to leave malware that allows them access back to the site; this type of malware is called a backdoor. This type of malware was named this because it allows for remote control of a compromised website in a way that […]
Mysterious Zencart Redirects Leverage HTTP Headers
About a week ago we got an interesting Zencart case. Being that we don’t often write about Zencart we figured it’d be good time to share the case and details on what we found. The Scenario The site was redirecting to “www .promgirl .de”. I know, not very unique. Additionally, it was only affecting “www” […]
Not Just Pills or Payday Loans, It’s Essay SEO SPAM!
Remember back in school or college when you had to write pages and pages of long essays, but had no time to write them? Or maybe you were just too lazy? Yeah, good times. Well, it seems like some companies are trying to end this problem. They are offering services where clients pay them to […]
Joomla JomSocial Remote Code Execution Vulnerability
The JomSocial team just released an update that fixes a very serious remote code execution vulnerability that affects any JomSocial version older than 3.1.0.4. From their hot-fix update: Yesterday we released version 3.1.0.4 which fixes two vulnerabilities. As a result of the first vulnerability, our own site was hacked. Thankfully, our security experts spotted the […]
Darkleech + Bitly.com = Insightful Statistics
This post is about how hackers abuse popular web services, and how this helps security researchers obtain interesting statistics about malware attacks. We, at Sucuri, work with infected websites every day. While we see some particular infections on one site or on multiple sites, we can’t accurately tell how many more sites out there are […]
