Over the last year, Sucuri has provided a wide array of posts in regards to how sites are infected, the types of attacks we’ve discovered, how to detect them, and how to prevent future infections with certain methods and tools. In this article we’ll discuss our top 10 posts involving website security, and what site […]
Archive by Author
How do I Know if a Website is Safe to Use my Credit Card?
With regular news stories about companies being hacked, database breaches, internet-breaking vulnerabilities and online credit card theft, web users are justifiably anxious about making online purchases for fear that their personal information will be compromised by attackers. But where does legitimate concern end and outright paranoia begin? In this post I will try to dispel […]
Most Interesting Vulnerabilities of 2021
As with most years, there’s been a wide array of critical vulnerabilities found within content management systems, plugins, API keys, etc. We’ll be recapping our discoveries and how these vulnerabilities were exploited, or potentially could have been. Adobe Patches Critical Magento Vulnerabilities This past year, Adobe released several critical security patches for both their commercial […]
How to Add SSL & Move WordPress from HTTP to HTTPS
Making sure your website uses HTTPS should be a top priority for any webmaster In fact, recent statistics show that over 42% of site administrators across the web use WordPress, and many of these sites still don’t have an SSL certificate installed. The Importance of SSL For the past several years, SSL has become increasingly […]
Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic Marc Montpas recently discovered two severe security vulnerabilities within one of the most popular SEO plugins used by WordPress website owners: All in One SEO. The plugin is used by […]
How to Find and Fix a WordPress Pharma Hack
Did you know that one quarter of all spam emails are accredited to pharmaceutical ads? Pharma hacks go beyond the inbox and spam websites by redirecting traffic and adding fake keywords and subdomains to the search results. Why, and how did the medical world get tangled up in spam emails, SEO spam, redirects, and website […]
Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants
A critical server security vulnerability in the Java logging library Log4j is taking the internet by storm because code to actively exploit this vulnerability is already widely distributed across the web. Originally found on the popular game Minecraft, it has since been shown to affect most web servers running Apache along with its ubiquitous logging […]
How Malware Gets On Your Website
Almost since the Internet’s inception malware infections have kept pace to be the biggest nuisance a site owner experiences. With an ever growing amount of sites making up the World Wide Web, malware infections only become more common. In this article we’ll discuss what malware is, the various types we’ve come across, the methods used […]
E-commerce Website Security Strategy for Holiday Shopping Season
As shopping season approaches once again, we’d like to give you some helpful advice when it comes to managing an e-commerce site, and how to avoid being the target of an attack. Due to the pandemic, more people are spending their time shopping for gifts online than ever before. Global e-commerce sales are projected to […]
PHP Re-Infectors – The Malware that Keeps On Giving
We all know why bad actors infect sites: monetary gain, boosts in SEO ratings for their malware or spam campaigns and a number of other reasons explained in our post on hacker’s motivations. It defeats the purpose of the attack if the malware is easily and quickly removed. Attackers have developed some methods for protecting […]
