Tag Archives: passwords

Personal Security Guide – WiFi Network

This is the third part in our series on personal security that offers methods to strengthen your overall security posture. By taking a holistic approach to security, you are protecting your website against attack vectors due to poor security practices in various aspects of your digital life. This post shares some insight on how to […]

Personal Security Guide – Online Accounts

In our last post on browser security, we talked about how developing a broader security mindset can help keep your website safe. By taking steps to secure your online accounts you can prevent hackers from gaining unauthorized access to your website. There are a number of ways that compromised accounts can leave you exposed to […]

The Principle of Least Privilege

If you own a website and collaborate with others, the principle of least privilege should never be questioned. It is a computer science principle which has applications and benefits to strengthen your website security posture. This principle is about: Using the minimal set of privileges on a system in order to perform an action. Granting […]

Ask Sucuri: How to Stop Brute Force Attacks?

Ask Sucuri: My site is under a brute force attack. What can I do? How can we solve this password guessing problem known as brute forcing? This is a common question we get from users of our WordPress plugin and from the overall community. Brute force attacks are very common, but most people do not […]

Credentials Stealer on Prestashop

In a matter of hours, a big e-commerce website can have hundreds of credit card numbers stolen and used by attackers on other websites around the world. We commonly see ecommerce websites infected with credit card (CC) stealers during our cleanup routine. We’ve been writing more and more notes about these kinds of attacks lately: […]

PCI for SMB – Requirement 2- Do Not Use Defaults

If you have an e-commerce website and you accept credit cards from your clients, you probably already heard of the term PCI compliance. PCI DSS (Payment Card Industry – Data Security Standard) is a standard containing series of security requirements that every merchant, big or small, must follow to be in compliance. PCI was created… […]

The Dynamics of Passwords

How often do you think about the passwords you’re using? Not only for your website, but also for everything else you do on the internet on a daily basis? Are you re-using any of the same passwords to make it easier to remember them? We see it all too often: weak passwords used for FTP, […]

Malvertising on a Website Without Ads

When you first configure your website, whether it be WordPress, Joomla, Drupal, or any other flavor of the month, it is often in its purest state. Unless ofcourse the server was previously compromised, which in it of itself is another conversation outright. Barring that one instance, the new website should not exhibit any malicious behavior. […]

Choosing a Two-Factor Authentication System

We’ve been thinking about how to best implement two-factor authentication to better protect our customers’ accounts for quite some time now. When, about 6 months ago, my account was targeted by hackers the importance of a good account security became clear. However, as my hacking case illustrates, two-factor authentication alone is not a complete answer. […]